Help with RunDLL (Error loading C:\Users\*******\AppData\Local\Temp\opnnn.dll and xxyvs.dll)

Posted 3/16/2008 11:25 AM
#60555
skelly87 Member

Date Joined Nov 2016
Total Posts: 5
I had a trojan Nebuler and eventually removed it. I used HijackThis to remove some selected files and I'm not sure if it was the opnnn.dll and xxyvs.

I am always getting these RunDLL errors at startup, but I wanted to get rid of these, hopefully with some help.

Please help :)
Posted 3/16/2008 11:54 AM
#60556
Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello :smurf:

Click here - ->> Before posting a log

After you have run the scan tools -

Reboot normally

Post Hijackthis log along with SuperAntiSpyware log, C: combofix TXT in this topic

Do not PM me with logfiles. They will be deleted.


Posted 3/16/2008 1:47 PM
#60558
skelly87 Member

Date Joined Nov 2016
Total Posts: 5
Is this for Windows Vista?
Posted 3/16/2008 2:55 PM
#60560
skelly87 Member

Date Joined Nov 2016
Total Posts: 5
this is combo fix txt
Posted 3/16/2008 3:04 PM
#60561
skelly87 Member

Date Joined Nov 2016
Total Posts: 5
this is hijackme txt log
Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe <br/>O23 - Service: Adobe Version Cue CS3 - Unknown owner - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing) <br/>O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe <br/>O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe <br/>O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe <br/>O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) <br/>O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) <br/>O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) <br/>O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe <br/>O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe <br/>O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing) <br/>O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe <br/>O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe <br/>O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. 
- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe <br/>O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe <br/>O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe <br/>O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe <br/>O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe <br/>O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE <br/>O23 - Service: LiveUpdate Notice - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing) <br/>O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe <br/>O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) <br/>O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe <br/>O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) <br/>O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe <br/>O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe <br/>O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) <br/>O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Posted 3/17/2008 7:53 AM
#60582

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Looks clean to me. How are things running now?

Do not PM me with logfiles. They will be deleted.


Posted 3/17/2008 6:26 PM
#60604

skelly87 Member

Date Joined Nov 2016
Total Posts: 5
I started up about 2 hours ago and the popups didn't appear anymore (STRANGE)

Well I guessed it's all fixed now lol

Thanks for the help