Re: Hijackthis question

Discussion in 'Computer Support' started by Zephyr, Aug 29, 2003.

  1. Zephyr

    Zephyr Guest

    On Fri, 29 Aug 2003 01:24:39 -0500, longshotjohn7
    <> wrote:

    > Does anyone see any thing wrong here??
    >
    > Logfile of HijackThis v1.96.2
    > Scan saved at 12:24:53 AM, on 8/25/2003
    > Platform: Windows XP SP1 (WinNT 5.01.2600)
    > MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    >
    > Running processes:
    > C:\WINDOWS\System32\smss.exe
    > C:\WINDOWS\system32\winlogon.exe
    > C:\WINDOWS\system32\services.exe
    > C:\WINDOWS\system32\lsass.exe
    > C:\WINDOWS\system32\svchost.exe
    > C:\WINDOWS\System32\svchost.exe
    > C:\WINDOWS\system32\spoolsv.exe
    > C:\WINDOWS\Explorer.EXE
    > C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
    > C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    > C:\windows\system\hpsysdrv.exe
    > C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    > C:\hp\KBD\kbd.exe
    > c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    > C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
    > C:\Program Files\AIDA32 - Personal System Information\aida32.bin
    > C:\Program Files\Internet Explorer\iexplore.exe
    > C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1
    > for hijackthis.zip\HijackThis.exe
    >
    > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
    > http://srch-us7.hpwis.com/
    > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
    > http://srch-us7.hpwis.com/
    > R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    > http://www.bellsouth.net/
    > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    > http://us7.hpwis.com/
    > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    > http://srch-us7.hpwis.com/
    > R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    > http://us7.hpwis.com/
    > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
    > http://srch-us7.hpwis.com/
    > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    > http://srch-us7.hpwis.com/
    > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    > http://us7.hpwis.com/
    > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    > http://srch-us7.hpwis.com/
    > R3 - Default URLSearchHook is missing
    > O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
    > Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    > O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
    > C:\WINDOWS\System32\msdxm.ocx
    > O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} -
    > C:\HP\EXPLOREBAR\HPTOOLKT.DLL
    > O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
    > O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    > O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    > O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program
    > Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    > O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS
    > Software\Update
    > Manager\sgtray.exe" /r
    > O4 - HKLM\..\Run: [AutoTBar] C:\hp\bin\autotbar.exe
    > O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    > O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon
    > initialize
    > O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
    > O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    > O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
    > O4 - HKLM\..\Run: [KBD] C:\hp\KBD\kbd.exe
    > O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe
    > /startup
    > O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    > O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone
    > Labs\ZoneAlarm\zonealarm.exe
    > O9 - Extra button: MktBrowser (HKLM)
    > O9 - Extra 'Tools' menuitem: MarketBrowser (HKLM)
    > O9 - Extra button: AIM (HKLM)
    > O9 - Extra button: Messenger (HKLM)
    > O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    > O12 - Plugin for .bcf: C:\Program Files\Internet
    > Explorer\Plugins\NPBelv32.dll
    > O12 - Plugin for .spop: C:\Program Files\Internet
    > Explorer\Plugins\NPDocBox.dll
    > O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} -
    > http://www.xblock.com/download/xclean_micro.exe
    > O16 - DPF: {670821E0-76D1-11D4-9F60-009027A966BF} (YouBet Secure Data
    > Transfer Control) - http://racing.youbet.com/controls/ybrequest.cab
    > O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
    > http://a840.g.akamai.net/7/840/537/2003080601/housecall.antivirus.com/housecall/xscan53.cab
    > O16 - DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} (YBUICtrl.FloatWnd.1) -
    > http://racing.youbet.com/controls/YBUICtrl.cab
    > O17 -
    > HKLM\System\CCS\Services\Tcpip\..\{EDD70B7A-56D4-40CE-9D06-836630E14E3E}:
    > NameServer = 207.203.159.252 205.152.37.254
    >
    >
    >


    Hi, try going to http://www.spywareinfo.com/ and paste your Hijackthis log
    in their forum. they will decipher it for you.

    Or go here: http://www.spywareinfo.com/~merijn/htlogtutorial.html
    to attempt to decipher it yourself.
     
    Zephyr, Aug 29, 2003
    #1
    1. Advertising

  2. Zephyr wrote:
    > On Fri, 29 Aug 2003 01:24:39 -0500, longshotjohn7


    I have been googling all day. It is now 12:13 am on my desktop. Now my
    host>>serrver can be found....and here I am, after trying sporadically all
    day to connect to newsgroups.. Methinks bellsouth may have a bug ups its ass
    instead of me.

    fuquekeen grrrrrrrrrrr.......I got handicapping to do tomorrow and here I am
    fuckeeng with this shit.....

    --
    longshotjohn 7

    http://www.smartgroups.com/groups/hot2trot


    The world is a dangerous place, not because of those who do evil, but
    because of those who look on and do nothing. --Albert Einstein
     
    longshotjohn7, Aug 30, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. B.Al.Zeebub

    Re: Hijackthis question

    B.Al.Zeebub, Aug 29, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    420
    longshotjohn7
    Aug 29, 2003
  2. °Mike°

    New version of HijackThis

    °Mike°, Oct 10, 2003, in forum: Computer Support
    Replies:
    7
    Views:
    535
    °Mike°
    Oct 10, 2003
  3. Stephanie

    My HiJackThis Results

    Stephanie, Oct 11, 2003, in forum: Computer Support
    Replies:
    7
    Views:
    1,827
    °Mike°
    Oct 11, 2003
  4. gary

    WMP, WMV & hijackthis question!

    gary, Oct 11, 2004, in forum: Computer Support
    Replies:
    0
    Views:
    354
  5. nunayer_beezwax

    Hijackthis Question..

    nunayer_beezwax, Nov 16, 2007, in forum: General Computer Support
    Replies:
    0
    Views:
    565
    nunayer_beezwax
    Nov 16, 2007
Loading...

Share This Page