Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > Re: Hijackthis question

Reply
Thread Tools

Re: Hijackthis question

 
 
Zephyr
Guest
Posts: n/a
 
      08-29-2003
On Fri, 29 Aug 2003 01:24:39 -0500, longshotjohn7
<(E-Mail Removed)> wrote:

> Does anyone see any thing wrong here??
>
> Logfile of HijackThis v1.96.2
> Scan saved at 12:24:53 AM, on 8/25/2003
> Platform: Windows XP SP1 (WinNT 5.01.2600)
> MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>
> Running processes:
> C:\WINDOWS\System32\smss.exe
> C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\services.exe
> C:\WINDOWS\system32\lsass.exe
> C:\WINDOWS\system32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\system32\spoolsv.exe
> C:\WINDOWS\Explorer.EXE
> C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
> C:\WINDOWS\system32\ZoneLabs\vsmon.exe
> C:\windows\system\hpsysdrv.exe
> C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
> C:\hp\KBD\kbd.exe
> c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
> C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
> C:\Program Files\AIDA32 - Personal System Information\aida32.bin
> C:\Program Files\Internet Explorer\iexplore.exe
> C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1
> for hijackthis.zip\HijackThis.exe
>
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
> http://srch-us7.hpwis.com/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://srch-us7.hpwis.com/
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://www.bellsouth.net/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> http://us7.hpwis.com/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> http://srch-us7.hpwis.com/
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://us7.hpwis.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
> http://srch-us7.hpwis.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://srch-us7.hpwis.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> http://us7.hpwis.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> http://srch-us7.hpwis.com/
> R3 - Default URLSearchHook is missing
> O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
> Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
> O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
> C:\WINDOWS\System32\msdxm.ocx
> O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} -
> C:\HP\EXPLOREBAR\HPTOOLKT.DLL
> O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
> O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
> O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
> O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program
> Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
> O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS
> Software\Update
> Manager\sgtray.exe" /r
> O4 - HKLM\..\Run: [AutoTBar] C:\hp\bin\autotbar.exe
> O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
> O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon
> initialize
> O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
> O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
> O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
> O4 - HKLM\..\Run: [KBD] C:\hp\KBD\kbd.exe
> O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe
> /startup
> O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
> O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone
> Labs\ZoneAlarm\zonealarm.exe
> O9 - Extra button: MktBrowser (HKLM)
> O9 - Extra 'Tools' menuitem: MarketBrowser (HKLM)
> O9 - Extra button: AIM (HKLM)
> O9 - Extra button: Messenger (HKLM)
> O9 - Extra 'Tools' menuitem: Messenger (HKLM)
> O12 - Plugin for .bcf: C:\Program Files\Internet
> Explorer\Plugins\NPBelv32.dll
> O12 - Plugin for .spop: C:\Program Files\Internet
> Explorer\Plugins\NPDocBox.dll
> O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} -
> http://www.xblock.com/download/xclean_micro.exe
> O16 - DPF: {670821E0-76D1-11D4-9F60-009027A966BF} (YouBet Secure Data
> Transfer Control) - http://racing.youbet.com/controls/ybrequest.cab
> O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
> http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
> O16 - DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} (YBUICtrl.FloatWnd.1) -
> http://racing.youbet.com/controls/YBUICtrl.cab
> O17 -
> HKLM\System\CCS\Services\Tcpip\..\{EDD70B7A-56D4-40CE-9D06-836630E14E3E}:
> NameServer = 207.203.159.252 205.152.37.254
>
>
>


Hi, try going to http://www.spywareinfo.com/ and paste your Hijackthis log
in their forum. they will decipher it for you.

Or go here: http://www.spywareinfo.com/~merijn/htlogtutorial.html
to attempt to decipher it yourself.

 
Reply With Quote
 
 
 
 
longshotjohn7
Guest
Posts: n/a
 
      08-30-2003
Zephyr wrote:
> On Fri, 29 Aug 2003 01:24:39 -0500, longshotjohn7


I have been googling all day. It is now 12:13 am on my desktop. Now my
host>>serrver can be found....and here I am, after trying sporadically all
day to connect to newsgroups.. Methinks bellsouth may have a bug ups its ass
instead of me.

fuquekeen grrrrrrrrrrr.......I got handicapping to do tomorrow and here I am
****eeng with this ****.....

--
longshotjohn 7

http://www.smartgroups.com/groups/hot2trot


The world is a dangerous place, not because of those who do evil, but
because of those who look on and do nothing. --Albert Einstein


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Hijackthis Question.. nunayer_beezwax General Computer Support 0 11-16-2007 09:21 PM
WMP, WMV & hijackthis question! gary Computer Support 0 10-11-2004 06:28 PM
My HiJackThis Results Stephanie Computer Support 7 10-11-2003 04:46 PM
New version of HijackThis °Mike° Computer Support 7 10-10-2003 07:12 AM
Re: Hijackthis question B.Al.Zeebub Computer Support 1 08-29-2003 01:02 PM



Advertisments