« previous next »
Pages: [1]

Author Topic: Check Up  (Read 1177 times)

Offline is Will 1337?

  • Sr. Member
  • ****
  • Posts: 318
  • Karma: +0/-0
    • View Profile
Check Up
« on: June 11, 2007, 07:55:50 PM »
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\AIM\aim.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm070YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://qtinstall.info.apple.com/qtactivex/QTPlugin.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Email Removed Attachments Control) - http://by125fd.bay125.Email Removed.msn.com/activex/HMAtchmt.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\jean\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
Logged
[size="5"]



[/size]



 

 



[size="5"][size="6"]SCAMMERS I GOT BANNED[/size]

[/size]

[size="4"]

[color="#0000ff"]PartyhatMan[/color]

[/size]

[size="5"]

[size="4"]Who I vouch

[color="#00ffff"]GAGFRAP[/color]

[color="#00ffff"]JB Lee

leetne55

f41th n h0pe

pu83[/color]



[/size][/size]

Transaction - Sold lvl 87 to Potato_Narf - [color="#00ff00"]Successful[/color][color="#00ff00"] ([/color][color="#000000"]went as planned. recommended)[/color]

Transaction - Sold lvl 4 combat 83 miner to Potato_Narf - [color="#00ff00"]Successful [/color][color="#000000"](went as planned. recommended)[/color]

Transaction - Transferred 2m to Mthrl's account. - [color="#00ff00"]Successful

[/color][color="#000000"]Transaction - Transferred 10m to Mthrl's account. -[/color][color="#00ff00"] Successful

[/color][color="#000000"]Transaction - Sold 43M to Potato Narf - [/color][color="#00ff00"]Successful [/color][color="#000000"](i went first, recommended)[/color]

Transaction - Bought pbp pin for Mattinator - [color="#00ff00"]Successful[/color]

Transaction - Bought lvl 62 Mage Pure from I_1337_K - [color="#ff0000"]SCAMMED [/color][color="#000000"](he recovered a few days later)[/color]

Transaction - I_1337_K Transferred Runes and Sharks For Me - [color="#00ff00"]Successful[/color]

Transaction - Fighter Torso'd a Rune Pure - [color="#00ff00"]Successful[/color]

Transaction - Sold a Sig to Jun10r27 for 200k - [color="#00ff00"]Successful[/color]

Transaction - Sold a Sig to Eh Ah Oh Ey for 250k - [color="#00ff00"]Successful

[/color]Transaction - Had berghaux train my pure for 10k exp - [color="#00ff00"]Successful

[/color]Transaction - Sold AIM screen name "NFL" for 2m to a guest - [color="#00ff00"]Successful

[/color]Transaction - Sold an account to leetne55 for 150k - [color="#00ff00"]Successful

[/color]Transaction - Sold a pure mage to leetne55 for 400k - [color="#00ff00"]Successful

[/color]Transaction - Pur83 got me a firecape for 800k - [color="#00ff00"]Successful (recommended)

[/color]Transaction - Bought SMS from f41th n h0pe - [color="#00ff00"]Successful

[/color]Transaction - Transfered 200k+ for f41th n h0pe -[color="#00ff00"] Successful



[/color]

Offline is Will 1337?

  • Sr. Member
  • ****
  • Posts: 318
  • Karma: +0/-0
    • View Profile
Check Up
« Reply #1 on: June 11, 2007, 08:30:26 PM »
Or it might be im just running 201384093284092834092 programs lol.
Logged
[size="5"]



[/size]



 

 



[size="5"][size="6"]SCAMMERS I GOT BANNED[/size]

[/size]

[size="4"]

[color="#0000ff"]PartyhatMan[/color]

[/size]

[size="5"]

[size="4"]Who I vouch

[color="#00ffff"]GAGFRAP[/color]

[color="#00ffff"]JB Lee

leetne55

f41th n h0pe

pu83[/color]



[/size][/size]

Transaction - Sold lvl 87 to Potato_Narf - [color="#00ff00"]Successful[/color][color="#00ff00"] ([/color][color="#000000"]went as planned. recommended)[/color]

Transaction - Sold lvl 4 combat 83 miner to Potato_Narf - [color="#00ff00"]Successful [/color][color="#000000"](went as planned. recommended)[/color]

Transaction - Transferred 2m to Mthrl's account. - [color="#00ff00"]Successful

[/color][color="#000000"]Transaction - Transferred 10m to Mthrl's account. -[/color][color="#00ff00"] Successful

[/color][color="#000000"]Transaction - Sold 43M to Potato Narf - [/color][color="#00ff00"]Successful [/color][color="#000000"](i went first, recommended)[/color]

Transaction - Bought pbp pin for Mattinator - [color="#00ff00"]Successful[/color]

Transaction - Bought lvl 62 Mage Pure from I_1337_K - [color="#ff0000"]SCAMMED [/color][color="#000000"](he recovered a few days later)[/color]

Transaction - I_1337_K Transferred Runes and Sharks For Me - [color="#00ff00"]Successful[/color]

Transaction - Fighter Torso'd a Rune Pure - [color="#00ff00"]Successful[/color]

Transaction - Sold a Sig to Jun10r27 for 200k - [color="#00ff00"]Successful[/color]

Transaction - Sold a Sig to Eh Ah Oh Ey for 250k - [color="#00ff00"]Successful

[/color]Transaction - Had berghaux train my pure for 10k exp - [color="#00ff00"]Successful

[/color]Transaction - Sold AIM screen name "NFL" for 2m to a guest - [color="#00ff00"]Successful

[/color]Transaction - Sold an account to leetne55 for 150k - [color="#00ff00"]Successful

[/color]Transaction - Sold a pure mage to leetne55 for 400k - [color="#00ff00"]Successful

[/color]Transaction - Pur83 got me a firecape for 800k - [color="#00ff00"]Successful (recommended)

[/color]Transaction - Bought SMS from f41th n h0pe - [color="#00ff00"]Successful

[/color]Transaction - Transfered 200k+ for f41th n h0pe -[color="#00ff00"] Successful



[/color]

Offline is Will 1337?

  • Sr. Member
  • ****
  • Posts: 318
  • Karma: +0/-0
    • View Profile
Check Up
« Reply #2 on: June 13, 2007, 11:15:21 PM »
is it clean?
Logged
[size="5"]



[/size]



 

 



[size="5"][size="6"]SCAMMERS I GOT BANNED[/size]

[/size]

[size="4"]

[color="#0000ff"]PartyhatMan[/color]

[/size]

[size="5"]

[size="4"]Who I vouch

[color="#00ffff"]GAGFRAP[/color]

[color="#00ffff"]JB Lee

leetne55

f41th n h0pe

pu83[/color]



[/size][/size]

Transaction - Sold lvl 87 to Potato_Narf - [color="#00ff00"]Successful[/color][color="#00ff00"] ([/color][color="#000000"]went as planned. recommended)[/color]

Transaction - Sold lvl 4 combat 83 miner to Potato_Narf - [color="#00ff00"]Successful [/color][color="#000000"](went as planned. recommended)[/color]

Transaction - Transferred 2m to Mthrl's account. - [color="#00ff00"]Successful

[/color][color="#000000"]Transaction - Transferred 10m to Mthrl's account. -[/color][color="#00ff00"] Successful

[/color][color="#000000"]Transaction - Sold 43M to Potato Narf - [/color][color="#00ff00"]Successful [/color][color="#000000"](i went first, recommended)[/color]

Transaction - Bought pbp pin for Mattinator - [color="#00ff00"]Successful[/color]

Transaction - Bought lvl 62 Mage Pure from I_1337_K - [color="#ff0000"]SCAMMED [/color][color="#000000"](he recovered a few days later)[/color]

Transaction - I_1337_K Transferred Runes and Sharks For Me - [color="#00ff00"]Successful[/color]

Transaction - Fighter Torso'd a Rune Pure - [color="#00ff00"]Successful[/color]

Transaction - Sold a Sig to Jun10r27 for 200k - [color="#00ff00"]Successful[/color]

Transaction - Sold a Sig to Eh Ah Oh Ey for 250k - [color="#00ff00"]Successful

[/color]Transaction - Had berghaux train my pure for 10k exp - [color="#00ff00"]Successful

[/color]Transaction - Sold AIM screen name "NFL" for 2m to a guest - [color="#00ff00"]Successful

[/color]Transaction - Sold an account to leetne55 for 150k - [color="#00ff00"]Successful

[/color]Transaction - Sold a pure mage to leetne55 for 400k - [color="#00ff00"]Successful

[/color]Transaction - Pur83 got me a firecape for 800k - [color="#00ff00"]Successful (recommended)

[/color]Transaction - Bought SMS from f41th n h0pe - [color="#00ff00"]Successful

[/color]Transaction - Transfered 200k+ for f41th n h0pe -[color="#00ff00"] Successful



[/color]

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Check Up
« Reply #3 on: June 14, 2007, 08:44:26 AM »
Sorry for the delay, can you post back with the following
supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents

After you post the uninstall list
Can you close Hijackthis, then reopen it and run a fresh scan and save logfile and post the Whole log
You cut off the top part of the log last time
« Last Edit: June 14, 2007, 08:53:51 AM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline is Will 1337?

  • Sr. Member
  • ****
  • Posts: 318
  • Karma: +0/-0
    • View Profile
Check Up
« Reply #4 on: June 16, 2007, 02:58:15 AM »
k will do. ill do it in a few hours after i wake up.
Logged
[size="5"]



[/size]



 

 



[size="5"][size="6"]SCAMMERS I GOT BANNED[/size]

[/size]

[size="4"]

[color="#0000ff"]PartyhatMan[/color]

[/size]

[size="5"]

[size="4"]Who I vouch

[color="#00ffff"]GAGFRAP[/color]

[color="#00ffff"]JB Lee

leetne55

f41th n h0pe

pu83[/color]



[/size][/size]

Transaction - Sold lvl 87 to Potato_Narf - [color="#00ff00"]Successful[/color][color="#00ff00"] ([/color][color="#000000"]went as planned. recommended)[/color]

Transaction - Sold lvl 4 combat 83 miner to Potato_Narf - [color="#00ff00"]Successful [/color][color="#000000"](went as planned. recommended)[/color]

Transaction - Transferred 2m to Mthrl's account. - [color="#00ff00"]Successful

[/color][color="#000000"]Transaction - Transferred 10m to Mthrl's account. -[/color][color="#00ff00"] Successful

[/color][color="#000000"]Transaction - Sold 43M to Potato Narf - [/color][color="#00ff00"]Successful [/color][color="#000000"](i went first, recommended)[/color]

Transaction - Bought pbp pin for Mattinator - [color="#00ff00"]Successful[/color]

Transaction - Bought lvl 62 Mage Pure from I_1337_K - [color="#ff0000"]SCAMMED [/color][color="#000000"](he recovered a few days later)[/color]

Transaction - I_1337_K Transferred Runes and Sharks For Me - [color="#00ff00"]Successful[/color]

Transaction - Fighter Torso'd a Rune Pure - [color="#00ff00"]Successful[/color]

Transaction - Sold a Sig to Jun10r27 for 200k - [color="#00ff00"]Successful[/color]

Transaction - Sold a Sig to Eh Ah Oh Ey for 250k - [color="#00ff00"]Successful

[/color]Transaction - Had berghaux train my pure for 10k exp - [color="#00ff00"]Successful

[/color]Transaction - Sold AIM screen name "NFL" for 2m to a guest - [color="#00ff00"]Successful

[/color]Transaction - Sold an account to leetne55 for 150k - [color="#00ff00"]Successful

[/color]Transaction - Sold a pure mage to leetne55 for 400k - [color="#00ff00"]Successful

[/color]Transaction - Pur83 got me a firecape for 800k - [color="#00ff00"]Successful (recommended)

[/color]Transaction - Bought SMS from f41th n h0pe - [color="#00ff00"]Successful

[/color]Transaction - Transfered 200k+ for f41th n h0pe -[color="#00ff00"] Successful



[/color]

Offline is Will 1337?

  • Sr. Member
  • ****
  • Posts: 318
  • Karma: +0/-0
    • View Profile
Check Up
« Reply #5 on: June 16, 2007, 11:07:23 AM »
Acoustica Effects Pack
Active GIF Creator 2.23
Adobe Flash Player 9 ActiveX
Adobe Photoshop Elements 3.0
Adobe Reader 7.0.8
Adobe Shockwave Player
Agere Systems PCI Soft Modem
AOL Instant Messenger
Ask Toolbar
ATI Catalyst Control Center
ATI Display Driver
AviSynth 2.5
Barnyard Invasion from HP Media Center (remove only)
Bejeweled 2 Deluxe from HP Media Center (remove only)
Big Kahuna Reef from HP Media Center (remove only)
BitPim 0.9.10
BitTorrent 5.0.7
Blackhawk Striker 2 from HP Media Center (remove only)
Blasterball 2 from HP Media Center (remove only)
Blasterball 2 Holidays from HP Media Center (remove only)
Boggle Supreme from HP Media Center (remove only)
Bonjour
Bookworm Deluxe from HP Media Center (remove only)
Bounce Symphony from HP Media Center (remove only)
CC_ccProxyExt
ccCommon
ccPxyCore
CCScore
CheckIt  Diagnostics
Connection Keep Alive
Counter-Strike(tm)
Crystal Maze from HP Media Center (remove only)
Digby\'s Donuts from HP Media Center (remove only)
EPSON Printer Software
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
essvcpt
FATE Demo from HP Media Center (remove only)
Flip Words from HP Media Center (remove only)
GemMaster Mystic
Guild Wars
Gunbound Revolution
High Definition Audio Driver Package - KB888111
HijackThis 1.99.1
HLPPDOCK
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB935448)
HP Boot Optimizer
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP Document Viewer 5.3
HP Game Console and games
HP Image Zone 5.3
HP Image Zone for Media Center PC
HP Imaging Device Functions 5.3
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart Cameras 5.0
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
HP Tunes
HPTunesAddIn
HyperCam 2
ijji
ijji - Gunz
Insaniquarium Deluxe from HP Media Center (remove only)
Intel® PRO Network Connections Drivers
IntelliMover Data Transfer Demo
InterVideo WinDVD Player
iPod for Windows 2006-06-28
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
Jewel Quest from HP Media Center (remove only)
kgcbase
Kodak EasyShare software
LG USB Drivers
LimeWire 4.12.6
LiveUpdate 3.0 (Symantec Corporation)
Mah Jong Quest from HP Media Center (remove only)
MapleStory
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Standard Edition 2003
Microsoft Word 2000
Microsoft Works
Mozilla Firefox (1.5.0.12)
MSRedist
MSRedist
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
muvee autoProducer 4.0
muvee autoProducer unPlugged 1.1 - HPD
My Sirius Studio
MySpaceIM
neroxml
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus 2006
Norton Cleanup
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2006 (Symantec Corporation)
Norton Protection Center
Norton SystemWorks
Norton SystemWorks 2006 Basic Edition
Norton SystemWorks 2006 Basic Edition (Symantec Corporation)
Norton Utilities
Norton WMI Update
Norton WMI Update
Notifier
NSW_DRM_COLLECTION
Office 2003 Tour
OfotoXMI
OTtBP
Otto
Polar Bowler from HP Media Center (remove only)
Polar Golfer from HP Media Center (remove only)
PP Xfire Skin
PS2
PSP Movie Creator(remove only)
PSP Video 9 1.74
Puzzle Express from HP Media Center (remove only)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
Quicken 2005
QuickTime
RealPlayer
Ricochet Lost Worlds from HP Media Center (remove only)
SCRABBLE Blast from HP Media Center (remove only)
SCRABBLE from HP Media Center (remove only)
SCRABBLE Rack Attack from HP Media Center (remove only)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
ServiceProvider
SFR
SHASTA
Shrek 2 Ogre Bowler from HP Media Center (remove only)
SKIN0001
SKINXSDK
Slingo Deluxe from HP Media Center (remove only)
Slyder from HP Media Center (remove only)
Sonic Backup MyPC Special Edition for HP
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic Update Manager
SPBBC
Spybot - Search & Destroy 1.4
staticcr
Steam
Super Granny from HP Media Center (remove only)
Swarm from HP Media Center (remove only)
Symantec KB-DocID:2003093015493306
Tablet
The Sims 2
Total Video Converter 3.10
Tradewinds from HP Media Center (remove only)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Updates from HP (remove only)
Ventrilo Client
Viewpoint Media Player
VPRINTOL
WAV to MP3 Encoder
Windows Driver Package - SIRIUS (zsi_fw) SIRIUS  (07/28/2006 1.00.0003)
Windows Driver Package - SIRIUS (zsi_zap) SIRIUS  (07/28/2006 1.02.0006)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892050
Windows XP Hotfix - KB893066
Windows XP Media Center Edition 2005 KB908250
WIRELESS
World of Warcraft
Xfire (remove only)



thats my uninstall list now let me get my scan.

Logfile of HijackThis v1.99.1
Scan saved at 9:05:55 AM, on 6/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\iPod\jean\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm070YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra \'Tools\' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra \'Tools\' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra \'Tools\' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra \'Tools\' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra \'Tools\' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://qtinstall.info.apple.com/qtactivex/QTPlugin.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Email Removed Attachments Control) - http://by125fd.bay125.Email Removed.msn.com/activex/HMAtchmt.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\jean\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
Logged
[size="5"]



[/size]



 

 



[size="5"][size="6"]SCAMMERS I GOT BANNED[/size]

[/size]

[size="4"]

[color="#0000ff"]PartyhatMan[/color]

[/size]

[size="5"]

[size="4"]Who I vouch

[color="#00ffff"]GAGFRAP[/color]

[color="#00ffff"]JB Lee

leetne55

f41th n h0pe

pu83[/color]



[/size][/size]

Transaction - Sold lvl 87 to Potato_Narf - [color="#00ff00"]Successful[/color][color="#00ff00"] ([/color][color="#000000"]went as planned. recommended)[/color]

Transaction - Sold lvl 4 combat 83 miner to Potato_Narf - [color="#00ff00"]Successful [/color][color="#000000"](went as planned. recommended)[/color]

Transaction - Transferred 2m to Mthrl's account. - [color="#00ff00"]Successful

[/color][color="#000000"]Transaction - Transferred 10m to Mthrl's account. -[/color][color="#00ff00"] Successful

[/color][color="#000000"]Transaction - Sold 43M to Potato Narf - [/color][color="#00ff00"]Successful [/color][color="#000000"](i went first, recommended)[/color]

Transaction - Bought pbp pin for Mattinator - [color="#00ff00"]Successful[/color]

Transaction - Bought lvl 62 Mage Pure from I_1337_K - [color="#ff0000"]SCAMMED [/color][color="#000000"](he recovered a few days later)[/color]

Transaction - I_1337_K Transferred Runes and Sharks For Me - [color="#00ff00"]Successful[/color]

Transaction - Fighter Torso'd a Rune Pure - [color="#00ff00"]Successful[/color]

Transaction - Sold a Sig to Jun10r27 for 200k - [color="#00ff00"]Successful[/color]

Transaction - Sold a Sig to Eh Ah Oh Ey for 250k - [color="#00ff00"]Successful

[/color]Transaction - Had berghaux train my pure for 10k exp - [color="#00ff00"]Successful

[/color]Transaction - Sold AIM screen name "NFL" for 2m to a guest - [color="#00ff00"]Successful

[/color]Transaction - Sold an account to leetne55 for 150k - [color="#00ff00"]Successful

[/color]Transaction - Sold a pure mage to leetne55 for 400k - [color="#00ff00"]Successful

[/color]Transaction - Pur83 got me a firecape for 800k - [color="#00ff00"]Successful (recommended)

[/color]Transaction - Bought SMS from f41th n h0pe - [color="#00ff00"]Successful

[/color]Transaction - Transfered 200k+ for f41th n h0pe -[color="#00ff00"] Successful



[/color]

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Check Up
« Reply #6 on: June 16, 2007, 12:36:45 PM »
Nothing bad in those logs, just suggestions:

1. You have Viewpoint Media Player installed, typically gets installed unintentionally with programs such as AOL IM and it is not needed
I would access your add/remove programs and remove
Viewpoint Media Player

2. Optionally, if you didn't intentionally install Ask Toolbar
I would remove it also, it's not necessarily bad, so I will leave it up to you
Here's some more info at the link
http://www.benedelman.org/spyware/installa...kjeeves-banner/

3. [color=\"blue\"]Your Java Runtime Environment is out of date.[/color] Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

[color=\"blue\"]Updating Java:[/color]
  • Download the latest version of   Java(tm) SE Runtime Environment 6 Update 1.
  • Select the Offline Download
  • Click on the  [color=\"#4169E1\"]Windows XP/Vista/2000/2003 Offline[/color] * filesize: 13.16 MB and save it too desktop
  • Close any programs you may have running - especially any web browsers.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
This includes the following:

J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11

Don't install the new version yet

You have remnants of McAfee in your log, but I don't see any of the program installed
Do a "System scan only" with Hijackthis and put a check next to these entries:

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm070YYUS

If you or a security program you have installed did not purposely set the next 2 to restrict changing of your home page and access to Internet options, tick the next ones also
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

You may also want to tick the next ones, not needed on startup, these are up to you, but it may help in startup time and help to use less resources
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
Quote
System Tray access to Apple's Quick Time viewer from version 5 onwards

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
In addition do the following
Quote
To disable tkbell.exe in the new version (1) Start RealOne Player (2) Tools - Preferences (3) Automatic services in the Categories pane (4) Uncheck all options and then OK

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Quote
Adjusts monitor colours across all programs including Photoshop. It is needed by some graphics professionals who want their monitor calibrated. Most home users will not need it
The author can verify this as Photoshop loads fine

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Quote
Speeds up the time it takes to load the Adobe_Reader
 Your choice but not required for Adobe Reader to function properly

O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
Quote
System Tray access to ATI's CATALYSTâ„¢ CONTROL CENTER.  Not required to run the control center - which is available via a right-click on the desktop

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Code: [Select]
Software bundled with Kodak digital cameras to manage the connection between the PC and the Camera.  Can be started manually.
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
Code: [Select]
Application which launches common MS Office components to help speed up the launch of Office programs.   It's somewhat of a resource hog  and some users claim there's no difference with or without it but it usually isn't required - Note:  if you make use of the Microsoft Office Shortcut Bar outside an office program this application will need to be enabled for it to show.
After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot your computer
Back in Windows
Go ahead and install the latest version of Java from the installer on desktop

Post back with a fresh hijackthis log afterwards

NOTE: Did you have problems uninstalling McAfee?
Also, Both times you posted a log I noticed Limewire running, are you intentionally starting it, I'm just enquiring
« Last Edit: June 16, 2007, 12:51:07 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Pages: [1]
« previous next »