Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Join the Team

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » [FIXED] My Hijack This Log

[Fixed] Hijackthis! Logs - [FIXED] My Hijack This Log posted in the Security & Safety forums; I wonderd if there is something here that i should fix... I would be happy if someone helped me =)? :-) (my english isen't so good :P) Logfile of HijackThis ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 1 of 3 1 2 3 >
  #1  
Old 07-27-2005
Bronze Member
  
Join Date: Jul 2005
Posts: 18
Hetzor - See this Members User comments on their Profile page
Default [FIXED] My Hijack This Log
I wonderd if there is something here that i should fix...
I would be happy if someone helped me =)? :-)
(my english isen't so good :P)

Logfile of HijackThis v1.99.0
Scan saved at 13:57:42, on 2005-07-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\cisvc.exe
c:\Program\Norton AntiVirus\navapsvc.exe
c:\Program\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
c:\Program\Norton Personal Firewall\ccPxySvc.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe
C:\Program\Delade filer\Symantec Shared\ccApp.exe
C:\Program\Multimedia Card Reader\shwicon2k.exe
C:\Program\Delade filer\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program\QuickTime\qttask.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Microsoft AntiSpyware\gcasServ.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\MSN Messenger\msnmsgr.exe
C:\Program\AIRPLUS\D-Link AirPlus DWL-120+ Wireless USB Adapter\AIRPLUS.EXE
C:\Program\iPod\bin\iPodService.exe
C:\Program\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\svchost.exe
c:\program\intern~1\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program\Windows Media Player\wmplayer.exe
C:\Program\LimeWire\LimeWire.exe
C:\Program\DC++\DCPlusPlus.exe
C:\Program\Messenger\msmsgs.exe
C:\PROGRAM\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qmfftqsfusdc.org/NjvUuAY5...eYD7J6FvP.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login1.telia.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://login1.telia.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://security.symantec.com/default...d=sv&venid=sym
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = L?nkar
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4F196DC9-733C-5F0D-6A72-1C859BE20EBB} - C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\burnacid\Cake01.e xe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {B1442A84-0D1F-CA7F-4C97-168F56C49F70} - C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\burnacid\Cake01.e xe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program\Delade filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Sunkist2k] C:\Program\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program\Delade filer\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe"? -osboot
O4 - HKLM\..\Run: [JunkAdminInsideEach] C:\Documents and Settings\All Users\Application Data\Bash Wipe Junk Admin\fourlies.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [websx] C:\Program\websx\int304946.exe -auto
O4 - HKLM\..\Run: [gcasServ] "C:\Program\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BackupNotify] c:\Program\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program\IDA\ida.exe -autorun
O4 - HKCU\..\Run: [Free Download Manager] C:\Program\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [tons base] C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\WAITKI~1\Pure spam corn.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: D-Link AirPlus DWL-120+ Wireless USB Adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?Link...04&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windo..._5.3.0.228.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/20f807f2...p/RdxIE601.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark.com/client/vers...n/AMClient.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O23 - Service: Symantec Event Manager - Symantec Corporation - c:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service - Symantec Corporation - c:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service - Symantec Corporation - c:\Program\Norton Personal Firewall\ccPxySvc.exe
O23 - Service: iPod-tj?nst - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - c:\Program\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Personal Firewall Accounts Manager - Symantec Corporation - c:\Program\Norton Personal Firewall\NISUM.EXE
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
  #2  
Old 07-27-2005
Bronze Member
  
Join Date: Jul 2005
Posts: 18
Hetzor - See this Members User comments on their Profile page
Default Re: My Hijack This Log
My sister borrowed my computer when i was away for three weeks and then i 'v got some **** on my computer and Microsoft Antispywere warned me that my start up page should be changed...quiet many times
  #3  
Old 07-27-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,044
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default Re: My Hijack This Log

Hello there , Hetzor.


You can fix these with hijackthis:

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab

And do know what these are from? (don't fix them yet!)

O2 - BHO: (no name) - {4F196DC9-733C-5F0D-6A72-1C859BE20EBB} - C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\burnacid\Cake01.e xe
O2 - BHO: (no name) - {B1442A84-0D1F-CA7F-4C97-168F56C49F70} - C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\burnacid\Cake01.e xe
O4 - HKLM\..\Run: [JunkAdminInsideEach] C:\Documents and Settings\All Users\Application Data\Bash Wipe Junk Admin\fourlies.exe
O4 - HKCU\..\Run: [tons base] C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\WAITKI~1\Pure spam corn.exe


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -
  #4  
Old 07-27-2005
Bronze Member
  
Join Date: Jul 2005
Posts: 18
Hetzor - See this Members User comments on their Profile page
Default Re: My Hijack This Log
Hmm no idea...
What about this??
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qmfftqsfusdc.org/NjvUuAY5...eYD7J6FvP.html
  #5  
Old 07-27-2005
merlin's Avatar
Trusted Security Analyst
My PC
 
Join Date: Jul 2005
Location: Wisconsin
Posts: 2,622
PC Experience: Computers Fear Me
merlin - See this Members User comments on their Profile page merlin - See this Members User comments on their Profile page
Send a message via Yahoo to merlin
Default Re: My Hijack This Log
You can aslo fix that one.. Post another log after fixing the items Joe suggested and the file you have shown

And also if you did not fix this entry:O4 - HKCU\..\Run: [tons base] C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\WAITKI~1\Pure spam corn.exe
Please fix it, it is a spy/spam program. Unless you installed it to spyon someone I would fix it.


__________________
QuickTime Alternative..Hijackthis..SpeedFan..ATI Tool..Whats Running..Everest..Absolute Control..All Drivers
If you feel we saved you some money please help support this site by DONATING as this site is funded by great people like you

 OUT FOR LUNCH


  #6  
Old 07-27-2005
Bronze Member
  
Join Date: Jul 2005
Posts: 18
Hetzor - See this Members User comments on their Profile page
Default Re: My Hijack This Log
Logfile of HijackThis v1.99.0
Scan saved at 20:16:41, on 2005-07-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\cisvc.exe
c:\Program\Norton AntiVirus\navapsvc.exe
c:\Program\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
c:\Program\Norton Personal Firewall\ccPxySvc.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe
C:\Program\Delade filer\Symantec Shared\ccApp.exe
C:\Program\Multimedia Card Reader\shwicon2k.exe
C:\Program\Delade filer\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Microsoft AntiSpyware\gcasServ.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program\iPod\bin\iPodService.exe
c:\program\intern~1\iexplore.exe
C:\Program\AIRPLUS\D-Link AirPlus DWL-120+ Wireless USB Adapter\AIRPLUS.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
C:\PROGRAM\MOZILL~1\FIREFOX.EXE
C:\Program\MSN Messenger\msnmsgr.exe
C:\HJT\HijackThis.exe
C:\Program\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login1.telia.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://login1.telia.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://security.symantec.com/default...d=sv&venid=sym
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = L?nkar
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4F196DC9-733C-5F0D-6A72-1C859BE20EBB} - C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\burnacid\Cake01.e xe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {B1442A84-0D1F-CA7F-4C97-168F56C49F70} - C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\burnacid\Cake01.e xe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program\Delade filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Sunkist2k] C:\Program\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program\Delade filer\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [JunkAdminInsideEach] C:\Documents and Settings\All Users\Application Data\Bash Wipe Junk Admin\fourlies.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [websx] C:\Program\websx\int304946.exe -auto
O4 - HKLM\..\Run: [gcasServ] "C:\Program\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BackupNotify] c:\Program\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program\IDA\ida.exe -autorun
O4 - HKCU\..\Run: [Free Download Manager] C:\Program\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: D-Link AirPlus DWL-120+ Wireless USB Adapter.lnk = ?
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?Link...04&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windo..._5.3.0.228.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/20f807f2...p/RdxIE601.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark.com/client/vers...n/AMClient.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O23 - Service: Symantec Event Manager - Symantec Corporation - c:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service - Symantec Corporation - c:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service - Symantec Corporation - c:\Program\Norton Personal Firewall\ccPxySvc.exe
O23 - Service: iPod-tj?nst - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - c:\Program\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Personal Firewall Accounts Manager - Symantec Corporation - c:\Program\Norton Personal Firewall\NISUM.EXE
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
  #7  
Old 07-27-2005
Bronze Member
  
Join Date: Jul 2005
Posts: 18
Hetzor - See this Members User comments on their Profile page
Default Re: My Hijack This Log
Should i fix those too??
O2 - BHO: (no name) - {4F196DC9-733C-5F0D-6A72-1C859BE20EBB} - C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\burnacid\Cake01.e xe
O2 - BHO: (no name) - {B1442A84-0D1F-CA7F-4C97-168F56C49F70} - C:\DOCUME~1\GAREN~1.OSC\APPLIC~1\burnacid\Cake01.e xe
O4 - HKLM\..\Run: [JunkAdminInsideEach] C:\Documents and Settings\All Users\Application Data\Bash Wipe Junk Admin\fourlies.exe

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!
Page 1 of 3 1 2 3 >

Bookmarks

« [Pending ] Need advice | [Fixed] My HijackThis Log »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top

All times are GMT +1. The time now is 05:11 PM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top
Vegas Hotel
Vegas Hotel information and advice.

Home Loan
Home loan help from Ocean Finance.

Vegas Hotel
Vegas Hotel search