  1. #1
    Member | Join Date: Jan 2008 | Posts: 2 | Points: 0

    DETECTIVE WANTED ME TO POST THIS LOG FILE FOR ANALYSIS

    DETECTIVE SUGGESTED I POST THE FOLLOWING HIJACK THIS LOG FILE - MY SYSTEM CONTINUES TO NOT ALLOW A NORMAL STARTUP. IT TAKES ME TO THE SCREEN TO CHOOSE WHICH TYPE OF SAFE MODE. HERE IS THE LOG FILE. THANK YOU FOR YOUR HELP

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:17:23 AM, on 1/14/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    F2 - REG:system.ini: Shell=explorer.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
    O4 - HKLM\..\Run: [RoxAssistant] C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe /s
    O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
    O4 - HKLM\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /QS
    O4 - HKLM\..\RunOnce: [ddvd.dll] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Common Files\Roxio Shared\DLLShared\dvd.dll"
    O4 - HKLM\..\RunOnce: [DVideoCD.dll] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Common Files\Roxio Shared\DLLShared\VideoCD.dll"
    O4 - HKLM\..\RunOnce: [DRMT.dll] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Common Files\Roxio Shared\DLLShared\RMT.dll"
    O4 - HKLM\..\RunOnce: [DCapture.dll] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\Capture.dll"
    O4 - HKLM\..\RunOnce: [DDVDDump.ax] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\DVDDump.ax"
    O4 - HKLM\..\RunOnce: [DDVFrameDet.ax] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\DVFrameDet.ax"
    O4 - HKLM\..\RunOnce: [DPreview.dll] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\Preview.dll"
    O4 - HKLM\..\RunOnce: [Dvergb24.ax] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\vergb24.ax"
    O4 - HKLM\..\RunOnce: [DVideoTransition.ax] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\VideoTransition.ax"
    O4 - HKLM\..\RunOnce: [DMultiFileReade] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Common Files\Roxio Shared\DLLShared\MultiFileReader.ax"
    O4 - HKLM\..\RunOnce: [DRxDump.ax] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" +r"C:\Program Files\Common Files\Roxio Shared\DLLShared\RxDump.ax"
    O4 - HKLM\..\RunOnce: [ACMWrapperV2.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CDEngine\ACMWrapperV2.dll"
    O4 - HKLM\..\RunOnce: [MediaPlayerV2.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CDEngine\MediaPlayerV2.dll"
    O4 - HKLM\..\RunOnce: [driversV2.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CDEngine\driversV2.dll"
    O4 - HKLM\..\RunOnce: [Cdbootable.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\Cdbootable.dll"
    O4 - HKLM\..\RunOnce: [cdDataPS.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\cdDataPS.dll"
    O4 - HKLM\..\RunOnce: [cdExtra.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\cdExtra.dll"
    O4 - HKLM\..\RunOnce: [cdmp3.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\cdmp3.dll"
    O4 - HKLM\..\RunOnce: [database.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\database.dll"
    O4 - HKLM\..\RunOnce: [ISO9660.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\ISO9660.dll"
    O4 - HKLM\..\RunOnce: [Joliet.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\Joliet.dll"
    O4 - HKLM\..\RunOnce: [Udf.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\Udf.dll"
    O4 - HKLM\..\RunOnce: [creator.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\creator.dll"
    O4 - HKLM\..\RunOnce: [Translator.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CreatorAPI\Translator.dll"
    O4 - HKLM\..\RunOnce: [CDEngine.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\CDEngine\CDEngine.dll"
    O4 - HKLM\..\RunOnce: [dvd.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\dvd.dll"
    O4 - HKLM\..\RunOnce: [DvdVR.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\DvdVR.dll"
    O4 - HKLM\..\RunOnce: [rmt.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\RMT.dll"
    O4 - HKLM\..\RunOnce: [shellex] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\shellex.dll"
    O4 - HKLM\..\RunOnce: [VideoCD.dll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\VideoCD.dll"
    O4 - HKLM\..\RunOnce: [zDvFrameDectectorax] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\dvframedetector.ax"
    O4 - HKLM\..\RunOnce: [zvergb24ax] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\vergb24.ax"
    O4 - HKLM\..\RunOnce: [zRoxPrvwdll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\VideoTransition.ax"
    O4 - HKLM\..\RunOnce: [zPreviewdll] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Roxio\Easy CD Creator 6\PMStudio\Preview.dll"
    O4 - HKLM\..\RunOnce: [RxDumpax] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\RxDump.ax"
    O4 - HKLM\..\RunOnce: [MultiFileReader] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\MultiFileReader.ax"
    O4 - HKLM\..\RunOnce: [RxQuicktime] C:\WINDOWS\system32\regsvr32.exe /s "C:\Program Files\Common Files\Roxio Shared\DLLShared\RXQuicktime.ax"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe"
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_08] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_09] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_10] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_08] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')
    O4 - Global Startup: D-Link AirPlus Xtreme G Configuration Utility.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 10708 bytes

  2. #2
    Member | Join Date: Dec 2002 | Posts: 12,000 | Points: 1191

    Going to lock this topic as it is a duplicate, sort of :wink:

    BG