Need help reading hijack this log

Discussion in 'Computer Support' started by woodlandplayer, Aug 18, 2004.

  1. Having problem with highly annoying and obtrusive pop ups. If there is
    something in this log or other things that seem bad or not needed
    please inform!
    Any help is much apreciated!

    Logfile of HijackThis v1.98.2
    Scan saved at 10:06:39 PM, on 8/17/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe
    C:\Program Files\Adobe\Adobe Version
    Cue\ControlPanel\VersionCueTray.exe
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\RFA\rfagent.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\xynrb.exe
    C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Intuit\QuickBooks Premier - Accountant
    Edition\Components\QBAgent\qbdagent2002.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: (no name) - {49F33808-E430-0DCF-8627-62550BA17E3A} -
    C:\WINDOWS\System32\fggav.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
    C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\j2re1.4.2_02\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
    Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe
    Version Cue\ControlPanel\VersionCueTray.exe
    O4 - HKLM\..\Run: [PestPatrol Control Center]
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0
    -k
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP
    Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
    Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Fkoctiw] C:\WINDOWS\System32\xynrb.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program
    Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
    Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program
    Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: QuickBooks 2002 Delivery Agent.lnk = C:\Program
    Files\Intuit\QuickBooks Premier - Accountant
    Edition\Components\QBAgent\qbdagent2002.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O16 - DPF: Yahoo! Spades -
    http://download.games.yahoo.com/games/clients/y/st2_x.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software
    AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector
    Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj
    Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?319
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software
    AutoUpdate Support Package) -
    http://www.creative.com/su/ocx/12119/CTPID.cab
    O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} -
    C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
     
    woodlandplayer, Aug 18, 2004
    #1
    1. Advertisements

  2. woodlandplayer

    °Mike° Guest

    End Task the above process (CTRL+ALT+DEL).


    Have HijackThis fix the above. Delete the fggav.dll file
    and empty the recycle bin.

    Have HijackThis fix the above. Delete the xynrb.exe file
    and empty the recycle bin.
     
    °Mike°, Aug 18, 2004
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.