Jump to content

Lightingbird

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Makes it so its very hard to use. I can often close explorer.exe and run it again to get some work done. Here is the log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:04:21 PM, on 4/25/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Program Files\Solidcore\S3\scsrvc.exe C:\Windows\system32\spoolsv.exe C:\Program Files\sal\instore\bin\cms.exe C:\Windows\system32\inetsrv\inetinfo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Powerware\LanSafe\Bin\PowerMonitor.exe C:\Program Files\Powerware\LanSafe\Bin\LSTrayAgent.exe c:\Program Files\MATRA Systems\FREEDOM-Link\NTTCP_Fl.exe C:\Program Files\RemotelyAnywhere\x86\RaMaint.exe C:\Program Files\RemotelyAnywhere\x86\RemotelyAnywhere.exe C:\Program Files\RemotelyAnywhere\x86\LMIGuardian.exe C:\Program Files\Snare\SnareCore.EXE C:\Windows\System32\snmp.exe C:\Program Files\Solidcore\S3\SNSCSVC.exe C:\Program Files\RemotelyAnywhere\x86\RAGui.exe C:\WINDOWS\system32\tlntsvr.exe C:\Windows\System32\vssvc.exe C:\Windows\RTHDCPL.EXE C:\Windows\system32\mqsvc.exe C:\Program Files\RemotelyAnywhere\x86\LMIGuardian.exe C:\Windows\system32\cmd.exe C:\PCMASTER\DRV32\POSSVMON.EXE C:\PCMASTER\CS\StartASP.exe C:\Windows\system32\ntvdm.exe C:\Windows\system32\mqtgsvc.exe C:\Program Files\Powerware\LanSafe\bin\xyntservice.exe C:\Program Files\Powerware\LanSafe\bin\httpserver.exe C:\Program Files\Powerware\LanSafe\bin\status_glance.exe C:\Windows\system32\taskmgr.exe C:\Windows\explorer.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\HijackThis.exe C:\Program Files\RemotelyAnywhere\x86\RemotelyAnywhere.exe C:\Program Files\RemotelyAnywhere\x86\LMIGuardian.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://localhost/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,%windir%\system32\userinit.exe, O1 - Hosts: 169.155.40.100 www.svharbor.com O1 - Hosts: 169.155.40.101 portal.svharbor.com O1 - Hosts: 169.155.40.144 wfc.svharbor.com O1 - Hosts: 169.155.40.96 myaccount.svharbor.com O1 - Hosts: 169.155.40.110 www.supervalu.com O1 - Hosts: 255.255.255.0 SUBNETMASK O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [sALDeskProt] c:\program files\sal\instore\bin\saldeskprot.exe O4 - HKLM\..\Run: [RemotelyAnywhere GUI] "C:\Program Files\RemotelyAnywhere\x86\RAGui.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\Windows\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\Windows\system32\ctfmon.exe (User 'Default user') O4 - Startup: printmap2.bat O4 - Global Startup: BackOffice.lnk = ? O4 - Global Startup: POS Service Monitoring.lnk = C:\PCMASTER\DRV32\POSSVMON.EXE O4 - Global Startup: printmap2.bat O4 - Global Startup: Start ASP.lnk = C:\PCMASTER\CS\StartASP.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O10 - Broken Internet access because of LSP provider 'c:\windows\system32\rsvpsp.dll' missing O16 - DPF: {0D221D00-A6ED-477C-8A91-41F3B660A832} (RSClientPrint 2005 Class) - https://www.servereps.com/ConnectedPayments/Reserved.ReportViewerWebControl.axd?ReportSession=xkq22555ouaqpu55lhkwg0nk&ControlID=eba04310700e40e3ada12c4923a1657c&Culture=1033&UICulture=1033&ReportStack=1&OpType=PrintCab O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.22.0.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://localhost:2000/activex/RACtrl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7B37E356-B290-4200-A8D5-65FE48C7BDA2}: NameServer = 192.168.1.254 O20 - Winlogon Notify: SSOExec - C:\Windows\temp\sso\ssoexec.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\Windows\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: cms - Alexandria Software Consulting - C:\Program Files\sal\instore\bin\cms.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LanSafe Power Monitor (LanSafe PM) - Eaton Corporation - C:\Program Files\Powerware\LanSafe\Bin\PowerMonitor.exe O23 - Service: LanSafe Process Manager - Powerware - C:\Program Files\Powerware\LanSafe\bin\xyntservice.exe O23 - Service: MATRA Freedom-Link Server (NTTCP_Fl) - Unknown owner - c:\Program Files\MATRA Systems\FREEDOM-Link\NTTCP_Fl.exe O23 - Service: POS_Srv_Manager - Unknown owner - c:\PCMASTER\drv32\POS_SRV.exe O23 - Service: RemotelyAnywhere Maintenance Service (RAMaint) - LogMeIn, Inc. - C:\Program Files\RemotelyAnywhere\x86\RaMaint.exe O23 - Service: RemotelyAnywhere - LogMeIn, Inc. - C:\Program Files\RemotelyAnywhere\x86\RemotelyAnywhere.exe O23 - Service: Solidcore Solidifier Service (scsrvc) - Unknown owner - C:\Program Files\Solidcore\S3\scsrvc.exe O23 - Service: SNARE - InterSect Alliance Pty Ltd - C:\Program Files\Snare\SnareCore.EXE O23 - Service: StoreNext SolidCore Service - Retalix USA - C:\Program Files\Solidcore\S3\SNSCSVC.exe -- End of file - 6965 bytes
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.