Topic: Hijackthis Log (Part 2 of 2)

G-4rce

  • Guest
Hijackthis Log (Part 2 of 2)
« on: January 30, 2005, 07:07:10 PM »
Here's the rest of the log...

O16 - DPF: {776706AE-CACA-4EA3-93DF-BB83D9259DA9} (MailConfigure Class) - http://supportservices.msn.com/us/smtptool/MailCfg.cab
O16 - DPF: {8D83D301-E841-11D1-B155-00600823BCF9} (WebLine Browser Integration Classes) - http://216.150.210.141/webline/applets/msie40x.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/2390b183f26318917e06/netzip/RdxIE601.cab
O16 - DPF: {F7A05BAC-9778-410A-9CDE-BFBD4D5D2B7F} (iPIX Media Send Class) - http://216.249.24.60/code/iPIX-ImageWell-ipix.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O18 - Protocol: offline-8876480 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {6D9F3168-C76B-4E70-8964-3C9BB62F3BAD} - C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL



Thanks again,
G-4rce

lee16

  • Guest
Re: Hijackthis Log (Part 2 of 2)
« Reply #1 on: January 30, 2005, 07:13:40 PM »
There really was no need to create two threads; this could have all been in 2 posts in 1 thread. Oh well, what's done is done.

OK go to Eddy's website here: http://members.home.nl/edeijl/ache/cleaning.htm

Follow the instructions there, then redo a HijackThis log and post back; you seem to be heavily infected with malware.

--lee

Offline DavidR

Re: Hijackthis Log (Part 2 of 2)
« Reply #2 on: January 30, 2005, 07:13:54 PM »
You should really have kept this with the original post "Hijackthis Log (Part 1 of 2)", not created a separate thread for it as this will only cause confusion and multiple posts.

Offline bob3160

Re: Hijackthis Log (Part 2 of 2)
« Reply #3 on: January 30, 2005, 09:08:17 PM »
Here is the analysis from Eddy's Program:

ANALYZER INFORMATION
--------------------------------------------------------------------------------
Log created on   : 30-01-2005 13:01:54
Analyzer version : 11
bad.dat  version : 31
good.dat version : 33
rec.dat  version : 24
dasb.dat version :  6
sus.dat  version : 11
fire.dat version :  2

--------------------------------------------------------------------------------
CHECKING HIJACKTHIS, WINDOWS, INTERNET EXPLORER AND FIREWALL :
--------------------------------------------------------------------------------
You are using the latest version of HijackThis.
You are using the latest version of Internet Explorer.
No software firewall detected. If you are not using a
hardware firewall, it is highly recommended to install one.

--------------------------------------------------------------------------------
GENERAL INFORMATION :
--------------------------------------------------------------------------------
All items in the original HijackThis log file which
are not shown here need further investigation.

Tutorial on the hijackthislog : http://members.home.nl/edeijl/

For email support on this application : hjtbeta@yahoo.com

Use www.google.com to find out more on items
not listed here or if you have doubts.

In addition to this application, you can also analyze the
original HijackThis log online at: http://hijackthis.de

--------------------------------------------------------------------------------
THESE ITEMS ARE EITHER HARMFULL OR A SECURITY RISK
WE STRONGLY RECOMMEND TO FIX THEM :
--------------------------------------------------------------------------------
\program files\msn apps\updater\01.02.3000.1001\en-us\msnappau.exe
r1 - hklm\software\microsoft\internet explorer\main
r1 - hkcu\software\microsoft\internet explorer\searchurl
r1 - hkcu\software\microsoft\windows\currentversion\internet settings
proxyoverride = localhost
o2 - bho: msntoolbandbho - {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.3000.1001\en-us\msntb.dll
o2 - bho: sdwin32 class - {de8056a1-d17f-4186-9979-13961036b2bf} - c:\windows\system\fbpje.dll (file missing)
o3 - toolbar: msn - {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.3000.1001\en-us\msntb.dll
o3 - toolbar: (no name) - {2cde1a7d-a478-4291-bf31-e1b4c16f92eb} - (no file)
o4 - hklm\..\run: [systemtray] systray.exe
o4 - hklm\..\run: [satmat] c:\windows\satmat.exe
o9 - extra button: translate - {06fe5d05-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&lc=0409 (file missing)
o9 - extra 'tools' menuitem: av &translate - {06fe5d05-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&lc=0409 (file missing)
o9 - extra button: (no name) - {06fe5d02-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&lc=0409 (file missing)
o9 - extra 'tools' menuitem: &find pages linking to this url - {06fe5d02-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&lc=0409 (file missing)
o9 - extra button: (no name) - {06fe5d03-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&lc=0409 (file missing)
o9 - extra 'tools' menuitem: find other pages on this &host - {06fe5d03-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&lc=0409 (file missing)
o9 - extra button: (no name) - {06fe5d04-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&lc=0409 (file missing)
o9 - extra 'tools' menuitem: av live - {06fe5d04-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&lc=0409 (file missing)
o9 - extra button: (no name) - {cd67f990-d8e9-11d2-98fe-00c0f0318afe} - (no file)
o16 - dpf: {776706ae-caca-4ea3-93df-bb83d9259da9} (mailconfigure class) - http://supportservices.msn.com/us/smtptool/mailcfg.cab
o16 - dpf: {8d83d301-e841-11d1-b155-00600823bcf9} (webline browser integration classes) - http://216.150.210.141/webline/applets/msie40x.cab
o16 - dpf: {d18f962a-3722-4b59-b08d-28bb9eb2281e} (photosctrl class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
o16 - dpf: {56336bcb-3d8a-11d6-a00b-0050da18de71} (rdxie class) - http://207.188.7.150/2390b183f26318917e06/netzip/rdxie601.cab
o16 - dpf: {f7a05bac-9778-410a-9cde-bfbd4d5d2b7f} (ipix media send class) - http://216.249.24.60/code/ipix-imagewell-ipix.cab
o16 - dpf: {c3dfa998-a486-11d4-aa25-00c04f72daeb} (msn photo upload tool) - http://sc.groups.msn.com/controls/photouc/msnpupld.cab
o16 - dpf: {1d0d9077-3798-49bb-9058-393499174d5d} - file://c:\counter.cab
o16 - dpf: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (yinststarter class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab

--------------------------------------------------------------------------------
HARMFULL ITEMS IN THE DOCUMENTS AND SETTINGS FOLDER(S) :
--------------------------------------------------------------------------------
Nothing found.

--------------------------------------------------------------------------------
THE FOLLOWING ITEMS ARE NOT NEEDED TO LOAD
AT BOOTTIME FOR THE SYSTEM TO WORK PROPERLY :
--------------------------------------------------------------------------------
o4 - hklm\..\run: [loadqm] loadqm.exe
o4 - hklm\..\run: [msnappau] "c:\program files\msn apps\updater\01.02.3000.1001\en-us\msnappau.exe"
o4 - hklm\..\run: [tkbellexe] "c:\program files\common files\real\update_ob\realsched.exe"  -osboot
o4 - hkcu\..\run: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
o4 - startup: microsoft office.lnk = c:\program files\microsoft office\office\osa9.exe

--------------------------------------------------------------------------------
I know why this needed 2 posts but can't understand why it needed 2 Threads???
You can get further information and instructions on using Eddy's program by clicking on the HelpfulLinks in my signature.

Offline Eddy

Re: Hijackthis Log (Part 2 of 2)
« Reply #4 on: January 31, 2005, 03:21:36 PM »
Well, actually the analyzer says this:
(I have, of course, the latest databases that are not yet released ;) )
--------------------------------------------------------------------------------
CHECKING HIJACKTHIS, INTERNET EXPLORER, WINDOWS AND SOFTWARE FIREWALL:
--------------------------------------------------------------------------------
You are using the latest version of HijackThis.
You are using the latest version of Internet Explorer.
No software firewall detected. If you are not using a
hardware firewall, it is highly recommended to install one.

--------------------------------------------------------------------------------
THESE ARE EITHER HARMFULL OR A SECURITY RISK
WE STRONGLY RECOMMEND TO FIX THEM :
--------------------------------------------------------------------------------
\program files\msn apps\updater\01.02.3000.1001\en-us\msnappau.exe
\program files\istsvc\istsvc.exe
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = localhost
o2 - bho: realbar - {4e7bd74f-2b8d-469e-c0ff-fd60b590a87d} - c:\progra~1\common~1\real\toolbar\realbar.dll
o2 - bho: msntoolbandbho - {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.3000.1001\en-us\msntb.dll
o2 - bho: sdwin32 class - {de8056a1-d17f-4186-9979-13961036b2bf} - c:\windows\system\fbpje.dll (file missing)
o3 - toolbar: realbar - {4e7bd74f-2b8d-469e-c0ff-fd60b590a87d} - c:\progra~1\common~1\real\toolbar\realbar.dll
o3 - toolbar: msn - {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.3000.1001\en-us\msntb.dll
o3 - toolbar: (no name) - {2cde1a7d-a478-4291-bf31-e1b4c16f92eb} - (no file)
o4 - hklm\..\run: [systemtray] systray.exe
o4 - hklm\..\run: [satmat] c:\windows\satmat.exe
o4 - hklm\..\run: [xuudjldgseqa] c:\windows\system\zpfujj.exe
o4 - hklm\..\run: [ist service] c:\program files\istsvc\istsvc.exe
o4 - hkcu\..\run: [yahoo! pager] 1
o9 - extra button: translate - {06fe5d05-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&lc=0409 (file missing)
o9 - extra 'tools' menuitem: av &translate - {06fe5d05-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&lc=0409 (file missing)
o9 - extra button: (no name) - {06fe5d02-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&lc=0409 (file missing)
o9 - extra 'tools' menuitem: &find pages linking to this url - {06fe5d02-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&lc=0409 (file missing)
o9 - extra button: (no name) - {06fe5d03-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&lc=0409 (file missing)
o9 - extra 'tools' menuitem: find other pages on this &host - {06fe5d03-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&lc=0409 (file missing)
o9 - extra button: (no name) - {06fe5d04-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&lc=0409 (file missing)
o9 - extra 'tools' menuitem: av live - {06fe5d04-8f11-11d2-804f-00105a133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&lc=0409 (file missing)
o9 - extra button: (no name) - {cd67f990-d8e9-11d2-98fe-00c0f0318afe} - (no file)
o16 - dpf: {776706ae-caca-4ea3-93df-bb83d9259da9} (mailconfigure class) - http://supportservices.msn.com/us/smtptool/mailcfg.cab
o16 - dpf: {8d83d301-e841-11d1-b155-00600823bcf9} (webline browser integration classes) - http://216.150.210.141/webline/applets/msie40x.cab
o16 - dpf: {d18f962a-3722-4b59-b08d-28bb9eb2281e} (photosctrl class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
o16 - dpf: {56336bcb-3d8a-11d6-a00b-0050da18de71} (rdxie class) - http://207.188.7.150/2390b183f26318917e06/netzip/rdxie601.cab
o16 - dpf: {f7a05bac-9778-410a-9cde-bfbd4d5d2b7f} (ipix media send class) - http://216.249.24.60/code/ipix-imagewell-ipix.cab
o16 - dpf: {c3dfa998-a486-11d4-aa25-00c04f72daeb} (msn photo upload tool) - http://sc.groups.msn.com/controls/photouc/msnpupld.cab
o16 - dpf: {1d0d9077-3798-49bb-9058-393499174d5d} - file://c:\counter.cab
o16 - dpf: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (yinststarter class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab

--------------------------------------------------------------------------------
THE FOLLOWING ITEMS ARE NOT NEEDED TO LOAD
AT BOOTIME FOR THE SYSTEM TO WORK PROPERLY:
--------------------------------------------------------------------------------
o4 - hklm\..\run: [loadqm] loadqm.exe
o4 - hklm\..\run: [msnappau] "c:\program files\msn apps\updater\01.02.3000.1001\en-us\msnappau.exe"
o4 - hklm\..\run: [tkbellexe] "c:\program files\common files\real\update_ob\realsched.exe"  -osboot
o4 - hkcu\..\run: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
o4 - startup: microsoft office.lnk = c:\program files\microsoft office\office\osa9.exe

--------------------------------------------------------------------------------
WE HAVE NO INFO ON THE FOLLOWING ITEMS. THEY CAN BE BAD OR GOOD.
YOU HAVE TO VERIFY THEM MANUALLY. PLEASE TELL US IF YOU HAVE INFO ON THEM :
--------------------------------------------------------------------------------
\windows\pnguii.exe
o4 - hklm\..\run: [lkx] c:\windows\lkx.exe
o4 - hklm\..\run: [r83r36x] gdiscfg.exe
o4 - hklm\..\run: [4lxjwf] c:\windows\pnguii.exe