1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

help please =( HJT log

Discussion in 'Virus & Other Malware Removal' started by canupleasehelpme, Nov 5, 2007.

Thread Status:
Not open for further replies.
Page 1 of 4
Advertisement
  1. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    my gf's pc is messed up. here is a HJT log for her pc i just did it

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 2:34:51 PM, on 11/5/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\vvgeowbv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
    C:\Documents and Settings\All Users\Desktop\Spyware Adware Remover\HiJackThis_v2.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\vvgeowbv.exe,C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
    O1 - Hosts: 194.54.90.238 google.com
    O1 - Hosts: 194.54.90.238 google.ca
    O1 - Hosts: 194.54.90.238 www.google.com
    O1 - Hosts: 194.54.90.238 search.yahoo.com
    O1 - Hosts: 194.54.90.238 search.msn.com
    O1 - Hosts: 194.54.90.238 search.live.com
    O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
    O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
    O2 - BHO: (no name) - {1443D5E6-F92E-DA36-0BBA-0744992443D0} - C:\Program Files\Azugknma\lmqgopbm.dll
    O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
    O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
    O2 - BHO: Explorer Helper - {696A82AF-3AD8-5A16-A1CA-32A59A63A863} - C:\WINDOWS\system\bremct32.dll
    O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
    O2 - BHO: BndShell3 BHO Class - {8ABA9A9C-8791-4d61-8D5B-BCC9448EA573} - C:\Program Files\ISM\BndDrive7.dll
    O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
    O2 - BHO: (no name) - {A6E432B4-D4C2-43B3-BF55-C364F8F7362A} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: C:\WINDOWS\system32\Dhgthfg.dll - {B5AC49A2-94F3-42BD-F434-2604812C897D} - C:\WINDOWS\system32\Dhgthfg.dll
    O2 - BHO: C:\WINDOWS\system32\S7dsf4g.dll - {B5AF0562-94F3-42BD-F434-2604812C297D} - C:\WINDOWS\system32\S7dsf4g.dll
    O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
    O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
    O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
    O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
    O2 - BHO: (no name) - {cb27822a-1dd1-11b2-88ab-d5ad0e2987dc} - C:\WINDOWS\zahqzgfy.dll
    O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
    O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
    O2 - BHO: CBho Class - {F369DA09-FADE-44CB-987F-E2E0DEF51BCA} - C:\WINDOWS\system32\pgd.dll
    O2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~2\BEARSH~1\MediaBar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [startdrv] C:\WINDOWS\Temp\startdrv.exe
    O4 - HKLM\..\Run: [mebekufo] C:\Program Files\WindowsUpdate\mebekufo77798.exe
    O4 - HKLM\..\Run: [CheckWinPerf] C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\iowjwkem.exe
    O4 - HKLM\..\Run: [wdynmteb] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\wdynmteb.dll"
    O4 - HKLM\..\Run: [Microsoft Internet Explorer] C:\WINDOWS\system32\_svchost.exe
    O4 - HKLM\..\Run: [f94mggfhfghodftdf] C:\WINDOWS\TEMP\winlogan.exe
    O4 - HKLM\..\Run: [mtspafin] rundll32.exe "C:\Program Files\hofgbyhu\vgdslkru.dll",Init
    O4 - HKLM\..\Run: [SC2] C:\Program Files\SecCenter\scprot4.exe
    O4 - HKLM\..\Run: [otqfcdgz] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\otqfcdgz.dll"
    O4 - HKLM\..\Run: [mbqqdhxr] C:\Program Files\Tetoyxxw\mbqqdhxr.exe
    O4 - HKLM\..\Run: [svchost] C:\WINDOWS\svchost.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [f94mggfhfghodftdf] C:\WINDOWS\TEMP\winlogan.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Windows Rescue System] C:\WINDOWS\TEMP\winsto.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [f94mggfhfghodftdf] C:\WINDOWS\TEMP\winlogan.exe (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: Gewibcr - C:\WINDOWS\SYSTEM32\Gewibcr.dll
    O21 - SSODL: ePSQrU - {5403312E-FEA9-9B84-DFF4-B3BC73979B69} - C:\WINDOWS\system32\hmeq.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: sdf4dr4gfdgeetj - {B5AC49A2-94F3-42BD-F434-2604812C897D} - C:\WINDOWS\system32\Dhgthfg.dll
    O22 - SharedTaskScheduler: JGhjddf9dtj - {B5AF0562-94F3-42BD-F434-2604812C297D} - C:\WINDOWS\system32\S7dsf4g.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Microsoft Internet Explorer - Unknown owner - C:\WINDOWS\system32\_svchost.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

    --
    End of file - 10282 bytes
     
    canupleasehelpme, Nov 5, 2007
    #1
  3. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    just got a combofix log. i have to run both on safe mode networking instead of normal mode.
     

    Attached Files:

    canupleasehelpme, Nov 5, 2007
    #2
  4. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    bump for help
     
    canupleasehelpme, Nov 6, 2007
    #3
  5. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    help me please???
     
    canupleasehelpme, Nov 8, 2007
    #4
  6. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    ???
     
    canupleasehelpme, Nov 10, 2007
    #5
  7. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    can anyone help me with this log???????????????????????????????????
     
    canupleasehelpme, Nov 11, 2007
    #6
  8. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    i really really need someone to help me with this!!!
     
    canupleasehelpme, Nov 12, 2007
    #7
  9. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    You sent me a private message. I will reply here. Why is there no virus program running? And does she use P2P programs, like ares, bearshare, limewire, etc.?
     
    ~Candy~, Nov 16, 2007
    #8
  10. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    shes uses bearshare. as far as the virus programs i dont really know. just when u turn the computer on it gets to the desktop screen and there are no icons and a solid blue bar on the bottom.
     
    canupleasehelpme, Nov 16, 2007
    #9
  11. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    I'd suggest that she uninstall bearshare.....it's a p2p STEALING program, to download stuff illegally, and usually results in the problems that she is now having.

    I'll see if I can find someone to help......I myself frown upon self inflicted injuries, but, someone may have another suggestion than mine....format c: and start all over.
     
    ~Candy~, Nov 16, 2007
    #10
  12. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    so theres nothing wrong in my HJT or combo logs?
     
    canupleasehelpme, Nov 16, 2007
    #11
  13. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    Yes, you DO have problems. Did you uninstall bearshare? If so, post another Hijack This and perhaps someone can assist.
     
    ~Candy~, Nov 17, 2007
    #12
  14. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    i deleted bearshare

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 10:03:20 AM, on 11/17/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\All Users\Desktop\Spyware Adware Remover\HiJackThis_v2.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=presario&pf=desktop&parm1=seconduser
    O2 - BHO: (no name) - {00000012-890e-4aac-afd9-eff6954a34dd} - (no file)
    O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
    O2 - BHO: (no name) - {1adbcce8-cf84-441e-9b38-afc7a19c06a4} - (no file)
    O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
    O2 - BHO: Explorer Helper - {696A82AF-3AD8-5A16-A1CA-32A59A63A863} - C:\WINDOWS\system\bremct32.dll
    O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
    O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
    O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
    O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
    O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
    O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [mbqqdhxr] C:\Program Files\Tetoyxxw\mbqqdhxr.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Xfav] "C:\Program Files\Common Files\?ymantec\m?iexec.exe"
    O4 - HKCU\..\Run: [Ywbnth] "C:\Program Files\??mbols\?hkntfs.exe"
    O4 - HKCU\..\Run: [Zpgb] "C:\Documents and Settings\Compaq_Owner\Application Data\F?nts\e?plorer.exe"
    O4 - HKCU\..\Run: [Nhvwlej] "C:\Program Files\Common Files\?racle\r?gsvr32.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [ISMPack7] "C:\Program Files\ISM2\ISMPack7.exe"
    O4 - HKCU\..\Run: [ISMModule8] "C:\Program Files\ISM\ISMModule8.exe"
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: Gewibcr - C:\WINDOWS\SYSTEM32\Gewibcr.dll
    O21 - SSODL: ePSQrU - {5403312E-FEA9-9B84-DFF4-B3BC73979B69} - C:\WINDOWS\system32\hmeq.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O24 - Desktop Component 0: (no name) - C:\Program Files\Internet Explorer\rtenecu.html

    --
    End of file - 7074 bytes
     
    canupleasehelpme, Nov 17, 2007
    #13
  15. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,245
    Are you not able to boot into Windows normal mode?
     
    Cookiegal, Nov 17, 2007
    #14
  16. canupleasehelpme

    canupleasehelpme Thread Starter

    Joined:
    Aug 23, 2007
    Messages:
    56
    when i do all i get is my desktop background and a solid blue bar on the bottom of the screen. no icons or anything. also, ctrl alt del does nothing.
     
    canupleasehelpme, Nov 17, 2007
    #15

  17. Sponsor

Page 1 of 4
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - help please
  1. ebaile7494

    New Help Please

    ebaile7494, Jun 4, 2019, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    843
    ebaile7494
    Jun 4, 2019
  2. lubr

    In Progress i need help really bad..

    lubr, Jan 5, 2020, in forum: Virus & Other Malware Removal
    Replies:
    3
    Views:
    524
    iMacg3
    Jan 7, 2020
  3. lp2xxx

    In Progress StartupCheckLibrary.dll &winscomrssrv.dll Missing, help!

    lp2xxx, Jan 3, 2020, in forum: Virus & Other Malware Removal
    Replies:
    1
    Views:
    481
    iMacg3
    Jan 5, 2020
  4. BigPotato

    New Slow laptop need help

    BigPotato, Dec 14, 2019, in forum: Virus & Other Malware Removal
    Replies:
    4
    Views:
    603
    Cookiegal
    Dec 14, 2019
  5. bj nick

    New Laptop plagued by browser hijacker....help!

    bj nick, Nov 2, 2019, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    669
    bj nick
    Nov 2, 2019
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/648213

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice