Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

my hijack log

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 2 posts
this is what i posted , and was suggested to place a hijack log here.

i have a number of problems with my pc i've had for about a year now. i use "trend micro pc cillin AV", "adaware", "microsoft antispyware" and "hijack this". still problems arise. 1. "windows media player" doesnt open , gives me a popup "an internal application has occured", even after uninstalling and reinstalling. 2. "MS antispyware" keeps poping up that a BHO keeps installing itself. - i remove it in "MS anitspyware" and "hijack this". still more attaches itself under different names. 3. "pc cillin" finds trojan and other viruses whenever i open "my documents" "netscape navigator" "Internet Explorer" or "my computer" windows all the time. they are quarantined most of the time, but some are "denied Access". 4. "Internet explorer" opens and displays some pages, but when it comes to downloading (updates) it doesnt allow me to. i use netscape and usually hafto save installation programs to disk, and downloading this way fails sometimes. namely, when i hafto download windows updates manually or just check, it tells me i need IE 6 , so i download it, and still IE doesnt display the updates page. 5. the search window under "find files or folders..." displays as blank, only the helper shows on the side (a dog) an when i click on it , it only scratches itself, and nothing happens. 6. dell support icon appears, but when clicked on, only a blank page comes up to the right corner, and can only be closed by right clickin the bar representation on the start menu bar at the bottom and choosing close. 7. "Creative webcam notebook" cant install on my desktop - during installing with the disk , it freezes and never processes thru, the programs themselves install , but now they cant be removed for Add/Remove programs- the "creative pc-cam center" and "creative webcam monitor" programs. it goes thru to 100% but the icons still display and programs still open when i click on them.i want to remove these programs from my system and try to install the cam. 8. there's a "HOme Search Assistent" and "shopping wizard" programs that can't be removed from Add/Remove Programs. when i click on the uninstall in Add/Remove program, it redirects me to a webpage where i download another program to uninstall. and when i do that, nothign happens. 9. Msn toolbar says its uninstalled but still appears on the Add/Remove list, witout option of removal.
10. Yahoo tool bar cant be removed from Add/Remove list. Window displays "RUNDLL " as the header, then says"Error loading c:/progra~1/Yahoo!/COMPAN~1/Installs/cpn1/YCOPM5~1.dll. The specified module could not be found. " 11. Everytime i run adaware it finds 20+ malware programes, namely coolwebsearch comes up a lot. what can i do to stop it. 12. Microsoft antispware always directs me to a setup page everytime i open it, having me setup scans and downloading updates before a scan.

Logfile of HijackThis v1.99.1
Scan saved at 9:31:27 PM, on 5/27/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Documents and Settings\Dufy\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;
R3 - Default URLSearchHook is missing
F1 - win.ini: run=fntldr.exe C:\WINDOWS\..\PROGRA~1\COMMON~1\MICROS~1\MSInfo\msinfo.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,C:\WINDOWS\System32\svcpack.exe
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.hotmail.com"); (C:\Documents and Settings\Dufy\Application Data\Mozilla\Profiles\default\30eqzdqi.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Dufy\Application Data\Mozilla\Profiles\default\30eqzdqi.slt\prefs.js)
O2 - BHO: Class - {C21C63F8-4294-8448-115A-32EF23FDED10} - C:\WINDOWS\ntgn32.dll
O4 - HKLM\..\Run: [sysse.exe] C:\WINDOWS\system32\sysse.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Workstation NetLogon Service ( 11F#`I) - Unknown owner - C:\WINDOWS\system32\ievm32.exe" /s (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
  • 0


Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP