Results 1 to 8 of 8
  1. #1

    Default Brother's Computer

    Well basically it runs slower than the All Black's Prop. I ran highjackthis and this is what it came up with:

    Logfile of HijackThis v1.99.1
    Scan saved at 12:22:56 p.m., on 9/12/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Warcraft III\Maps\Download\hijackthis\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    O2 - BHO: PBHelper - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Oemji\Toolbar\PopupBlocker\PBHelper.dll
    O2 - BHO: Curl - {A78CC2FF-6E4E-4556-B27C-D7C3A70D7A50} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: OemjiSearchPlus - {D240DC29-C093-4388-B71F-A7103C796B0C} - C:\Program Files\Oemji\OemjiSearchPlus\OemjiPls.dll
    O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file)
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: (no name) - {804DB5C7-31E6-4885-850A-F1941B58A4C7} - (no file)
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - (no file)
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE
    O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - Global Startup: KYESCAN.lnk = ?
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/nz.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://zone.msn.com/bingame/rtlw/def...GameLoader.cab
    O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://64.156.31.77/nzgames.exe
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/...s/MsnPUpld.cab
    O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} - http://www.advnt01.com/dialer/internazionale_ver3.CAB
    O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.gamehouse.com/games/mjolauncher.cab
    O16 - DPF: {7EB15626-CB8E-4174-8A72-C055B12B4310} (CQD2Loader Object) - http://smartdownloader.com/installer.dll
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab
    O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
    O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
    O16 - DPF: {B94B4225-E02E-4D3F-BADB-026F1E2F3AD7} - http://www.instantplugin.com/SexDownloader.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...19/mcgdmgr.cab
    O16 - DPF: {C886256C-7A63-4213-AD2F-02AD3735DF06} (AtlCtrl Class) - http://dl.adshooter.com/code/SYSsfitb.cab
    O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} (VacPro.internazionale_ver11) - http://advnt01.com/dialer/internazionale_ver11.CAB
    O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/shpo/default/shapo.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/apop/def...ploader_v5.cab
    O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.media-motor.net/cabs/mmed.cab
    O18 - Filter: text/html - {F172838A-39F4-4B44-99FA-15852183565F} - C:\Documents and Settings\Owner\Local Settings\Application Data\microsoft\internet explorer\V0.28.dat
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O21 - SSODL: SysTray.Exgr - {5368D1FC-4F5C-4f1b-B134-E67214FC78E9} - C:\WINDOWS\system32\mppmqioj.dll (file missing)
    O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1\INTERN~2\autocomp.exe (file missing)
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    If someone would be so kind as to go through it and tell me what I don't want on there it would be much appreciated.

  2. #2
    Member
    Join Date
    Dec 2004
    Location
    NZ
    Posts
    44,851

    Default Re: Brother's Computer

    Boot into safe mode. Disable system restore. Run hijackthis again. And tick these. Tick fix checked. Then reboot.

    O2 - BHO: Curl - {A78CC2FF-6E4E-4556-B27C-D7C3A70D7A50} - (no file)

    O2 - BHO: OemjiSearchPlus - {D240DC29-C093-4388-B71F-A7103C796B0C} - C:\Program Files\Oemji\OemjiSearchPlus\OemjiPls.dll - this is spyware/adware.

    O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file)

    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)

    O3 - Toolbar: (no name) - {804DB5C7-31E6-4885-850A-F1941B58A4C7} - (no file)

    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - (no file)

    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

    This is for the souncard, but also monitors.

    O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"

    O4 - Global Startup: KYESCAN.lnk = ?

    O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/nz.exe - This looks like a dialler.

    O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab

    O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://64.156.31.77/nzgames.exe

    O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} - http://www.advnt01.com/dialer/internazionale_ver3.CAB - this is also a dialler.

    O16 - DPF: {7EB15626-CB8E-4174-8A72-C055B12B4310} (CQD2Loader Object) - http://smartdownloader.com/installer.dll

    O16 - DPF: {B94B4225-E02E-4D3F-BADB-026F1E2F3AD7} - http://www.instantplugin.com/SexDownloader.cab

    O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} (VacPro.internazionale_ver11) - http://advnt01.com/dialer/internazionale_ver11.CAB

    O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.media-motor.net/cabs/mmed.cab

    O18 - Filter: text/html - {F172838A-39F4-4B44-99FA-15852183565F} - C:\Documents and Settings\Owner\Local Settings\Application Data\microsoft\internet explorer\V0.28.dat

    O21 - SSODL: SysTray.Exgr - {5368D1FC-4F5C-4f1b-B134-E67214FC78E9} - C:\WINDOWS\system32\mppmqioj.dll (file missing)

    O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1\INTERN~2\autocomp.exe (file missing) - Is Tracks Eraser Pro installed? If it isnt, tick this entry.

  3. #3

    Default Re: Brother's Computer

    could you please explain what a 'dialler' is?
    I will do the above when I can get onto his computer.
    thanks

  4. #4
    Member
    Join Date
    Dec 2004
    Location
    NZ
    Posts
    44,851

    Default Re: Brother's Computer

    A dialler, if u dont remove those dialler entries, will disconnect u from the net, and dial overseas to some place. And you'll have a BIG phone bill.

    I would tell your bro NOT to get on the net, until those entries I posted are ticked and removed in safe mode.

  5. #5
    Old Hand Pancake's Avatar
    Join Date
    Nov 2005
    Location
    Victoria Australia
    Posts
    632

    Default Re: Brother's Computer

    I would advise uninstalling this malware folder C:\Program Files\AutoUpdate .Check first as it may be in Add/Remove.You can find this by going to Start/Settings/Control Panel.


    A Member of :
    UNITE & ASAP

    Eddy

  6. #6
    Senior Member pctek's Avatar
    Join Date
    Feb 2005
    Location
    In the Wild West
    Posts
    24,212

    Default Re: Brother's Computer

    And apart form Hijackthis get some other anti-spyware programs - the FAQ here lists what you need.

  7. #7
    Mmmmmmmm.............Kate Tukapa's Avatar
    Join Date
    Feb 2005
    Location
    New Plymouth
    Posts
    791

    Default Re: Brother's Computer

    Actually I know this probably doesn't help but some of those All Black props are pretty damn quick, especially over the first 30 or 40 metres!
    Asus P8Z77-V LK, Core i5 3570K, 8GB DDR3 1600, 128GB SSD, 12TB HDD, GeForce GTX660 Ti 2GB, Blu-ray writer, Enermax 750W PSU, Coolermaster CM 690 II Case, Windows 8 Professional

  8. #8
    Superanuitant Poppa John's Avatar
    Join Date
    Dec 2004
    Location
    Wonderful Wanganui
    Posts
    5,029

    Default Re: Brother's Computer

    Quote Originally Posted by Tukapa
    Actually I know this probably doesn't help but some of those All Black props are pretty damn quick, especially over the first 30 or 40 metres!

    I still wouldn't want to be in their 'Way' at 41 metres tho. PJ.
    Deafness.
    When I was younger I heard but didn't listen.
    Now I am older, I listen but cannot hear.

    If it is not broke, don't make it broker by trying to make it better. (This applies specifically to PJ)

Similar Threads

  1. Replies: 62
    Last Post: 09-06-2007, 12:19 AM
  2. Replies: 4
    Last Post: 07-05-2005, 11:31 PM
  3. Replies: 1
    Last Post: 28-08-2004, 05:13 PM
  4. Replies: 12
    Last Post: 23-09-2003, 05:55 AM
  5. Connecting Linux computer to Windows computer
    By david.castle in forum PressF1
    Replies: 8
    Last Post: 08-09-2003, 11:41 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •