Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

is my system free of hijacker programs?

Started by jackoat , May 17 2005 02:54 AM

  • Please log in to reply

#1
jackoat
Posted 17 May 2005 - 02:54 AM

jackoat

    New Member

  • Member
  • Pip
  • 1 posts
hi i need a little bit of help here i had smitford desktop hijacker i formatted my pc but the same trojon attacked again i think i deleted it but i would really like to be sure so i am posting this hijackthis log file can you please cheak it and tell me if my system is fine



Logfile of HijackThis v1.99.1
Scan saved at 2:15:37 PM, on 5/17/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP4 (5.00.2920.0000)

Running processes:
E:\WINNT\System32\smss.exe
E:\WINNT\system32\winlogon.exe
E:\WINNT\system32\services.exe
E:\WINNT\system32\lsass.exe
E:\WINNT\system32\svchost.exe
E:\WINNT\system32\spoolsv.exe
E:\WINNT\System32\svchost.exe
E:\WINNT\System32\nvsvc32.exe
E:\PROGRA~1\QUICKH~1\QHONSVC.EXE
E:\WINNT\system32\regsvc.exe
E:\WINNT\system32\MSTask.exe
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\WINNT\System32\WBEM\WinMgmt.exe
E:\WINNT\system32\svchost.exe
E:\WINNT\Explorer.EXE
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\PROGRA~1\QUICKH~1\MailSvr.exe
E:\PROGRA~1\QUICKH~1\UPSCHD.EXE
E:\PROGRA~1\QUICKH~1\QHM32.EXE
E:\Program Files\AdsGone\adsgone.exe
E:\PROGRA~1\QUICKH~1\QHONLINE.EXE
E:\WINNT\system32\wuauclt.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\ewido\security suite\ewidoctrl.exe
E:\Program Files\ewido\security suite\ewidoguard.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Documents and Settings\kartik\Desktop\software protection\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://203.122.12.11...p://172.16.0.1/ (obfuscated)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Smapp] E:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Quick Heal e-mail Protection] E:\PROGRA~1\QUICKH~1\MailSvr.exe
O4 - HKLM\..\Run: [QH Live Update Scheduler] E:\PROGRA~1\QUICKH~1\UPSCHD.EXE /CHECK
O4 - HKLM\..\Run: [QH Office 2K Check] E:\PROGRA~1\QUICKH~1\O2KCHECK.EXE /CHECK
O4 - HKLM\..\Run: [Quick Heal On-Line Protection] E:\PROGRA~1\QUICKH~1\CATEYE.EXE
O4 - HKLM\..\Run: [Quick Heal Messenger] E:\PROGRA~1\QUICKH~1\QHM32.EXE
O4 - HKLM\..\Run: [Quick Heal Startup Scan] E:\PROGRA~1\QUICKH~1\QHSTRT32.exe /loadrun
O4 - HKLM\..\Run: [Security iGuard] E:\Program Files\Security iGuard\Security iGuard.exe
O4 - HKLM\..\RunOnce: [Quick Heal Startup Scan] E:\PROGRA~1\QUICKH~1\QHSTRT32.exe /check
O4 - HKCU\..\Run: [RWipeKbdDemon] E:\Program Files\R-Wipe&Clean\RWKbdD.exe
O4 - HKCU\..\Run: [atiupdpl] E:\WINNT\system32\atiupdpl.exe
O4 - Startup: AdsGone.lnk = E:\Program Files\AdsGone\adsgone.exe
O4 - Global Startup: AdsGone 2004.lnk = E:\Program Files\AdsGone\adsgone.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1A9C9E9-A323-4D03-A946-F57E1E1A3A83}: NameServer = 172.16.1.1
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - E:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - E:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINNT\System32\nvsvc32.exe
O23 - Service: Quick Heal Online Protection - Unknown owner - E:\PROGRA~1\QUICKH~1\QHONSVC.EXE
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe





thank you
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP