Skip to content
View in the app

A better way to browse. Learn more.
Lunarsoft Forums

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Glenn log 01

gpratt1
in Resolved Logs

Featured Replies

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:52:18 PM, on 7/27/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Symantec\pcAnywhere\awhost32.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\Program Files\Network Associates\VirusScan\mcshield.exe

C:\Program Files\Network Associates\VirusScan\vstskmgr.exe

C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe

C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\UPHClean\uphclean.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Colonial Life\Time Zone Settings\TimeZoneTool.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.coloniallife.com/Services/Applications/MemberServices/Login.aspx

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.coloniallife.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (disabled by BHODemon)

O4 - HKLM\..\Run: [unum Time Zone Settings] "c:\Program Files\Colonial Life\Time Zone Settings\TimeZoneTool.exe" /StartMinimized

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://producermail2.coloniallife.com/iNotes6W.cab

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189529448875

O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O18 - Protocol: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\PROGRA~1\QlikView\QVPROT~1\Qvp.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Afaria Client Service - iAnywhere Solutions, Inc. - C:\Apps\Afaria\Bin\XeService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe

O23 - Service: B's Recorder GOLD Service (bgsvc) - B.H.A Corporation - C:\Program Files\B's Recorder GOLD8\bgsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: DPAgent - BeCrypt Ltd - C:\Program Files\Afaria\Disk Protect\DPAgent.exe

O23 - Service: DVD-RAM_Service - Matsus***a Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe

O23 - Service: ERRJ - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\ERRJ.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FGDQBT - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\FGDQBT.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: KC - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\KC.exe (file missing)

O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: Network Associates McShield (McShield) - McAfee, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe

O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe

O23 - Service: SQL Server (HARMONYV7) (MSSQL$HARMONYV7) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\secservr.exe

O23 - Service: NP - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\NP.exe (file missing)

O23 - Service: Panasonic PC Information Viewer Service 2 (PcInfoPi) - Matsus***a Electric Industrial Co., Ltd. - C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe

O23 - Service: Panasonic PC Information Viewer (PcInfoSV) - Matsus***a Electric Industrial Co., Ltd. - C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe

O23 - Service: PGGNU - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\PGGNU.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SKR - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\SKR.exe (file missing)

O23 - Service: TILANHP - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\TILANHP.exe (file missing)

--

End of file - 7764 bytes

  • Administrator

Welcome to Lunarsoft, gpratt1. Are you still experiencing symptoms?

Windows has built in time updating, so you may want to uninstall the following:

[unum Time Zone Settings] "c:\Program Files\Colonial Life\Time Zone Settings\TimeZoneTool.exe" /StartMinimized

Generated by Tarun of Lunarsoft's HijackThis Converter v0.53 Beta.

Default-color items are optional, red are known to be malicious.

Created registry value

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

Changed registry value

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.colonial...ices/Login.aspx

Created registry value

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

Changed registry value

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

Created registry value

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.coloniallife.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

Enumeration of existing IE's BHO's

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (disabled by BHODemon)

Enumeration of suspicious auto-loading registry entries

O4 - HKLM\..\Run: [unum Time Zone Settings] "c:\Program Files\Colonial Life\Time Zone Settings\TimeZoneTool.exe" /StartMinimized

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

Extra "Tools" menu items and buttons

O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

Downloaded Program Files item

O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://producermail...om/iNotes6W.cab

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.s...abs/tgctlsr.cab

O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.co...ic/SimCityX.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ash/swflash.cab

Enumeration of NT Services

O23 - Service: ERRJ - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\ERRJ.exe (file missing)

O23 - Service: FGDQBT - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\FGDQBT.exe (file missing)

O23 - Service: KC - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\KC.exe (file missing)

O23 - Service: NP - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\NP.exe (file missing)

O23 - Service: PGGNU - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\PGGNU.exe (file missing)

O23 - Service: SKR - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\SKR.exe (file missing)

O23 - Service: TILANHP - Unknown owner - C:\DOCUME~1\Colonial\LOCALS~1\Temp\TILANHP.exe (file missing)

Guest
This topic is now closed to further replies.
Go to topic listing

Recently Browsing 0

  • No registered users viewing this page.

Account

Navigation

Search

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.