HijackThis! Log

Discussion in 'Computer Support' started by Craigger, Sep 9, 2004.

  1. Craigger

    Craigger Guest

    Can someone please tell me what I should fix on this HijackThis! Log?
    Thanks for all your help.
    Logfile of HijackThis v1.97.7
    Scan saved at 7:35:56 PM, on 9/8/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\NAVNT\navapsvc.exe
    C:\Program Files\Norton Internet Security Family Edition\NISUM.EXE
    C:\PROGRA~1\NAVNT\npssvc.exe
    C:\WINDOWS\system32\regsvc.exe
    C:\WINDOWS\system32\MSTask.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\System32\WBEM\WinMgmt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Norton Internet Security Family Edition\NISSERV.EXE
    C:\PROGRA~1\NAVNT\alertsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\Atiptaxx.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb01.exe
    C:\WINDOWS\System32\hphmon03.exe
    C:\Program Files\Hewlett-Packard\PhotoSmart\Photo
    Imaging\Hpi_Monitor.exe
    C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    c:\WINDOWS\system32\MDM.EXE
    C:\WINDOWS\system32\taskmgr.exe
    C:\WINDOWS\system32\pcs\pcsvc.exe
    C:\Program Files\Hotbar\bin\4.5.1.0\WeatherOnTray.exe
    C:\WINDOWS\system32\RUNDLL32.exe
    C:\Program Files\Hotbar\bin\4.5.1.0\HbInst.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Hotbar\bin\4.5.1.0\HbSrv.exe
    C:\Program Files\AWS\WeatherBug\Weather.EXE
    C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
    C:\Program Files\NAVNT\navapw32.exe
    C:\Program Files\Intuit\QuickBooks
    Pro\Components\QBAgent\qbdagent2001.exe
    C:\Program Files\America Online 9.0\aoltray.exe
    C:\Palm\HOTSYNC.EXE
    C:\WINDOWS\system32\mrtMngr.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
    C:\appsetup\Cleaning Tools\HijackThis.exe
    C:\WINDOWS\system32\ZgxaH.exe
    C:\WINDOWS\system32\ZgxaH.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://www.comcast.net/comcast.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
    Microsoft Internet Explorer provided by America Online
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    c:\windows\SYSTEM\blank.htm
    R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2}
    - C:\Program Files\TV Media\TvmBho.dll (file missing)
    O2 - BHO: (no name) - SOFTWARE - (no file)
    O2 - BHO: Recommended Hotfix - {0421701D-CF13-4E70-ADF0-45A953E7CB8B}
    - C:\Program Files\Recommended Hotfix - 421701D\v15\RH.DLL
    O2 - BHO: Curl - {A78CC2FF-6E4E-4556-B27C-D7C3A70D7A50} -
    C:\WINDOWS\System32\NDrv.dll (file missing)
    O2 - BHO: (no name) - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} -
    C:\WINDOWS\System32\nvms.dll
    O2 - BHO: Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\Program
    Files\Hotbar\bin\4.5.1.0\HbHostIE.dll
    O2 - BHO: (no name) - {CE188402-6EE7-4022-8868-AB25173A3E14} -
    C:\WINDOWS\System32\mscb.dll
    O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} -
    C:\Documents and Settings\Brittni\Local Settings\Temp\rCFQzsJ2s.dll
    O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} -
    C:\WINDOWS\System32\msbe.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio -
    {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} -
    C:\Program Files\Hotbar\bin\4.5.1.0\HbHostIE.dll
    O3 - Toolbar: SuperBar - {6D23C172-B05C-4583-AB9E-7F18699DF95B} -
    C:\Program Files\SUPERBAR\SUPERBAR.dll (file missing)
    O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no
    file)
    O4 - HKLM\..\Run: [SystemTray] systray.exe
    O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
    O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\NAVNT\npscheck.exe
    O4 - HKLM\..\Run: [iamapp] "C:\Program Files\Norton Internet Security
    Family Edition\IAMAPP.EXE"
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility]
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb01.exe
    O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe
    O4 - HKLM\..\Run: [CXMon] "C:\Program
    Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P
    Networking\P2P Networking.exe /AUTOSTART
    O4 - HKLM\..\Run: [RealTray] C:\Program
    Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
    Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint
    Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [1Px] C:\documents and settings\brittni\local
    settings\temp\1Px.exe
    O4 - HKLM\..\Run: [3ZJP7@#5TTQ3SJ] C:\WINDOWS\System32\TfiNg.exe
    O4 - HKLM\..\Run: [Pcsv] C:\WINDOWS\system32\pcs\pcsvc.exe
    O4 - HKLM\..\Run: [WebRebates0] "C:\Program
    Files\Web_Rebates\WebRebates0.exe"
    O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
    O4 - HKLM\..\Run: [WeatherOnTray] C:\Program
    Files\Hotbar\bin\4.5.1.0\WeatherOnTray.exe
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program
    Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
    O4 - HKLM\..\Run: [aakGnv] C:\documents and settings\brittni\local
    settings\temp\aakGnv.exe
    O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Program
    Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe"
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [aakGnv.exe] C:\documents and settings\brittni\local
    settings\temp\aakGnv.exe
    O4 - HKLM\..\Run: [Hotbar] C:\Program
    Files\Hotbar\bin\4.5.1.0\HbInst.exe /Upgrade
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN
    Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [Weather] C:\Program
    Files\AWS\WeatherBug\Weather.EXE 1
    O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Global Startup: Resolution Assistant.lnk = C:\Program
    Files\DELL\Resolution Assistant\MotiveAssistant\bin\matcli.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
    Office\Office\OSA9.EXE
    O4 - Global Startup: Symantec Fax Starter Edition Port.lnk =
    C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
    O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program
    Files\NAVNT\navapw32.exe
    O4 - Global Startup: QuickBooks 2001 Delivery Agent.lnk = C:\Program
    Files\Intuit\QuickBooks Pro\Components\QBAgent\qbdagent2001.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
    Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program
    Files\America Online 9.0\aoltray.exe
    O8 - Extra context menu item: Send Image to Photo Library -
    file://C:\Documents and Settings\Brittni\Application
    Data\MGI\PhotoSuite4\Temp\MGI00000.html
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra button: Ebates (HKCU)
    O9 - Extra button: Dell Home (HKCU)
    O9 - Extra button: WeatherBug (HKCU)
    O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
    http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer)
    -
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
    http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38237.8768055556
    O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} -
    http://download.overpro.com/WildApp.cab
     
    Craigger, Sep 9, 2004
    #1
    1. Advertising

  2. Go here and you'll see for yourself.

    http://hijackthis.de/index.php?langselect=english

    Paste your logfile into the analyzer, and it will give you a summary of what
    is safe and what's needed to be fixed.


    "Craigger" <> wrote in message
    news:...
    > Can someone please tell me what I should fix on this HijackThis! Log?
    > Thanks for all your help.
     
    Chris Matthews, Sep 9, 2004
    #2
    1. Advertising

  3. Craigger

    Ohio Chuck Guest

    "Chris Matthews" <> wrote in message
    news:p5S%c.136759$9d6.98475@attbi_s54...
    > Go here and you'll see for yourself.
    >
    > http://hijackthis.de/index.php?langselect=english
    >
    > Paste your logfile into the analyzer, and it will give you a summary of
    > what
    > is safe and what's needed to be fixed.
    >
    >
    > "Craigger" <> wrote in message
    > news:...
    >> Can someone please tell me what I should fix on this HijackThis! Log?
    >> Thanks for all your help.

    >
    >

    Hey that's slick. I usually dump everything except something I recognize,
    which isn't much.
    The codes they give you in front of each item (not shown with your post)
    usually tell you if you should dump it.
     
    Ohio Chuck, Sep 9, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. UnderDog

    HijackThis Log

    UnderDog, May 8, 2004, in forum: Computer Support
    Replies:
    5
    Views:
    5,622
    Boomer
    May 8, 2004
  2. ~*Eternity*~

    Help with HijackThis! Log

    ~*Eternity*~, May 14, 2004, in forum: Computer Support
    Replies:
    8
    Views:
    806
    Toolman Tim
    May 15, 2004
  3. Mr. Wood

    HijackThis log - what do I fix?

    Mr. Wood, May 30, 2004, in forum: Computer Support
    Replies:
    6
    Views:
    553
    Toolman Tim
    May 30, 2004
  4. nik_marquise

    HijackThis help . . . not log file . . . Help

    nik_marquise, Jun 8, 2004, in forum: Computer Support
    Replies:
    1
    Views:
    382
    ┬░Mike┬░
    Jun 8, 2004
  5. Warren Briggs

    Help with Hijackthis!! LOG

    Warren Briggs, Jun 9, 2004, in forum: Computer Support
    Replies:
    2
    Views:
    580
    discogail
    Jun 9, 2004
Loading...

Share This Page