Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

A Big Thankyou and final Hijack this logifle


  • Please log in to reply

#1
Graham

Graham

    New Member

  • Member
  • Pip
  • 7 posts
First of all a big thankyou for all your help. I could not believe how quick and easy to follow it was. A donation has been sent. Also I was asked when it was finished to send a final Hijack this Logfile so here it is.

Logfile of HijackThis v1.98.0
Scan saved at 10:30:47 AM, on 7/22/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\DIRECWAY\BIN\dpcstart.exe
C:\PROGRA~1\DIRECWAY\bin\dpcnav.exe
C:\Documents and Settings\Owner\Desktop\Hijack FIle\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:83
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - Startup: Dpcstart.lnk = C:\Program Files\DIRECWAY\BIN\dpcstart.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarest...es2/Install.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FA2AB2D-65F7-41C6-BC47-ED30D3C71FA3}: Domain = direcway.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FA2AB2D-65F7-41C6-BC47-ED30D3C71FA3}: NameServer = 66.82.4.8 198.77.116.8 66.82.4.8 198.77.116.8 66.82.4.8 198.77.116.8 66.82.4.8 198.77.116.8 66.82.4.8 198.77.116.8 66.82.4.8 198.77.116.8 66.82.4.8 198.77.116.8 66.82.4.8 198.77.116.8 66.82.4.8 198.77.116.8 66.82.4.8 198.77.116.8 66.82.4.8 198.77.116.8 66.82.

Also 1 last question about DSO Exploit. I still have the 1 entry (down from 5 due to earlier fix I described earlier) I understood that as long as windows updates are all done (they are) that it is no big deal. Is that true
THANKS AGAIN I HAVEW REALLY APPRECIATE THE HELP!
  • 0

Advertisements


#2
Smokey

Smokey

    Member 1K

  • Retired Staff
  • 1,423 posts
Thank you so much for the kind donation <_<. The DSO Exploit problem is a known bug in Spybot and will be fixed in future versions. You have just a couple HJT lines left to fix:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing

Be sure to keep SpwareBlaster and the Windows Update up-to-date. I strongly recommend you install an Anti-Virus and keep it up-to-date. AVG offers a great free anti-virus:
http://free.grisoft....us/doc/2/tpl/v5

Also, make sure your Windows Firewall is turned on. To do this:

1. Go to "Start", then "Control Panel"
2. Click on "Network and Internet Connections", then "Network Connections" at the bottom
3. Right-click on your internet connection and choose "Properties"
4. Click the "Advanced" tab and make sure "Protect my computer..." is checked
5. Hit "OK" and you will now be protected from hackers
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP