Thread: win min w-find.com
View Single Post
Old 07-08-2005, 06:27 AM   #1 (permalink)
Rose53562
Registered User
 
Join Date: Jul 2005
Posts: 5
OS: XP


Mistake win min w-find.com
On shut down, I get a Win Min error and my brower is reset to W-find.com. I have tried to follow other resolutions but do not find the same programs or reg setting.

Would you please take a look at my HijackThis Log and point out what needs to be removed. Thank you for all your help.

Rose

Logfile of HijackThis v1.99.1
Scan saved at 9:45:30 PM, on 7/7/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\windows\bfmkbak.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\tttw\arso.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Documents and Settings\LaForest\My Documents\Downloads\hijackthis_199\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://w-find.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w-find.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://w-find.com/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKCU\..\Run: [vllhuxp] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [wsvimlc] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [tjkxtxd] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [sfkkmui] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [uyhbehw] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [exabqvh] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [lnqqbwu] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [jcccihb] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [gnbtoln] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [wgmwhxn] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [tndcmbp] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [fpyfxik] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [kxyrfju] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [dbrvwln] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [xvptxlc] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [filkbkm] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [xhyijrl] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [nhuclhr] c:\windows\bfmkbak.exe
O4 - HKCU\..\Run: [pwbcads] c:\windows\najtyuh.exe
O4 - HKCU\..\Run: [anlipps] c:\windows\najtyuh.exe
O4 - HKCU\..\Run: [knjfgbh] c:\windows\najtyuh.exe
O4 - HKCU\..\Run: [ilxtyys] c:\windows\najtyuh.exe
O4 - HKCU\..\Run: [wrkpfcs] c:\windows\uomxbbo.exe
O4 - HKCU\..\Run: [ahxmijb] c:\windows\wrpcrhi.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Aida] C:\Program Files\rdso\eetu.exe
O4 - HKCU\..\Run: [umouymj] c:\windows\ginbwrs.exe
O4 - HKCU\..\Run: [vsuebbn] c:\windows\ginbwrs.exe
O4 - HKCU\..\Run: [ckyaifh] c:\windows\ginbwrs.exe
O4 - HKCU\..\Run: [lcffair] c:\windows\ginbwrs.exe
O4 - HKCU\..\Run: [pciuukr] c:\windows\khxfyyg.exe
O4 - HKCU\..\Run: [ayqmewd] c:\windows\khxfyyg.exe
O4 - HKCU\..\Run: [wlsxyil] c:\windows\khxfyyg.exe
O4 - HKCU\..\Run: [qtltbml] c:\windows\noohwna.exe
O4 - HKCU\..\Run: [opnwdmu] c:\windows\noohwna.exe
O4 - HKCU\..\Run: [tudbflt] c:\windows\noohwna.exe
O4 - HKCU\..\Run: [odrymox] c:\windows\noohwna.exe
O4 - HKCU\..\Run: [ihynlwy] c:\windows\noohwna.exe
O4 - HKCU\..\Run: [ftlwcfw] c:\windows\noohwna.exe
O4 - HKCU\..\Run: [cqsywfg] c:\windows\noohwna.exe
O4 - HKCU\..\Run: [ijbjtuh] c:\windows\wjninlo.exe
O4 - HKCU\..\Run: [ndgjuoe] c:\windows\youxoat.exe
O4 - HKCU\..\Run: [uhlrhrg] c:\windows\lsnextn.exe
O4 - HKCU\..\Run: [pidlkeg] c:\windows\eopqoiq.exe
O4 - HKCU\..\Run: [wogvipa] c:\windows\eopqoiq.exe
O4 - HKCU\..\Run: [buewkxs] c:\windows\eopqoiq.exe
O4 - HKCU\..\Run: [rkwkfri] c:\windows\vwnaiww.exe
O4 - HKCU\..\Run: [jtikuuv] c:\windows\vwnaiww.exe
O4 - HKCU\..\Run: [ngaarrt] c:\windows\vwnaiww.exe
O4 - HKCU\..\Run: [niekgva] c:\windows\vwnaiww.exe
O4 - HKCU\..\Run: [ctuxsdu] c:\windows\xaikuhj.exe
O4 - HKCU\..\Run: [njxngnd] c:\windows\ekftigd.exe
O4 - HKCU\..\Run: [Eshh] C:\Program Files\tttw\arso.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120508471046
O16 - DPF: {EE2589EB-7FC8-44DB-A892-573F2C4B41E0} - http://pdf.forbes.com/forbesnews/triggernews/ForbesDownloaderSigned.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {FCC56E79-0FA2-4969-9164-06F140763455} (ActiveFormX Control) - http://klikw.com/awd/cabs/10110.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Rose53562 is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here