Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My HIJACKTHIS Log


  • This topic is locked This topic is locked

#1
VirusGirl123

VirusGirl123

    Member

  • Member
  • PipPipPip
  • 150 posts
Logfile of HijackThis v1.97.7
Scan saved at 4:45:31 PM, on 11/27/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\msrpc32.exe
C:\WINDOWS\System32\msrpc32.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://us6.hpwis.com/
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MS Remote Procedure Call] msrpc32.exe
O4 - HKLM\..\Run: [Windows AdControl] C:\Program Files\Windows AdControl\WinAdCtl.exe
O4 - HKLM\..\Run: [SoloSchedule] C:\PROGRA~1\SRNMIC~1\SOLOCFG.EXE
O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\pjsse.exe
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\System32\rfpeja.exe
O4 - HKLM\..\Run: [Microsoft Windows System Update] rpcxupdtsys.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Sygate Personal Firewall Start] servic.exe
O4 - HKLM\..\Run: [Windows AdTools] C:\Program Files\Windows AdTools\WinAdTools.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Microsoft Manager] winspoolsv32.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\RunServices: [MS Remote Procedure Call] msrpc32.exe
O4 - HKLM\..\RunServices: [Sygate Personal Firewall Start] servic.exe
O4 - HKLM\..\RunServices: [MSN Updater] msnms.exe
O4 - HKCU\..\Run: [MS Remote Procedure Call] msrpc32.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Windows System Update] rpcxupdtsys.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] \WkDetect.exe
O4 - HKCU\..\Run: [Notn] C:\Documents and Settings\Owner.YOUR-US67PI6LUV\Application Data\eber.exe
O4 - HKCU\..\Run: [Uau] C:\WINDOWS\System32\?xplorer.exe
O4 - Global Startup: Event Reminder.lnk = ?
O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: AIM (HKLM)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{05DE8BA8-3F60-47DE-9BE4-A3BB9B500C7B}: NameServer = 205.152.144.23 205.152.37.23
O17 - HKLM\System\CS1\Services\Tcpip\..\{05DE8BA8-3F60-47DE-9BE4-A3BB9B500C7B}: NameServer = 205.152.144.23 205.152.37.23
  • 0

Advertisements


#2
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Virusgirl: This is the fifth topic you have opened in the past 24 hours. You have also sent me two personal messages, which I did not respond to. Please do not PM the staff. The messages will be ignored. We need to fix problems in open forums so everyone can benefit. Thank you.

Please do not open another topic. All fixes will be posted in this topic. I do not know what has already been done to your computer because the fixes are all over several forums.

You have an old version of Hijack This which is not very effective. Please download the version in my signature and follow the instructions outline in the guidelines.

When you are through downloading it and running the program, post the results in this thread. Do not start another thread. The new version should be 1.98.2.

Thank you for understanding. We have very few staff members and everyone is a volunteer. We know your situation is one you want to resolve immediately, but so does everyone else who posts here.

Please follow the guidelines and we'll get it worked out. <_<
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP