
Hijack log help


aznboi979


Hi, I just ran a scan for a log and don't know what to fix.

Thanks for your time =)

Logfile of HijackThis v1.99.1

Scan saved at 7:38:30 PM, on 12/21/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32csrss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32LEXBCES.EXE

C:WINDOWSsystem32LEXPPS.EXE

C:WINDOWSsystem32spoolsv.exe

C:WINDOWSExplorer.EXE

C:WINDOWSSystem32hkcmd.exe

C:Program FilesYahoo!browserybrwicon.exe

C:Program FilesVisual NetworksVisual IP InSightSBCIPClient.exe

C:Program FilesVisual NetworksVisual IP InSightSBCIPMon32.exe

C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe

C:PROGRA~1GrisoftAVGFRE~1avgcc.exe

C:PROGRA~1Yahoo!browserycommon.exe

C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe

C:PROGRA~1GrisoftAVGFRE~1avgemc.exe

C:PROGRA~1SPYWAR~1swdoctor.exe

C:Program FilesNorton Internet SecurityNorton AntiVirusnavapsvc.exe

C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSSystem32alg.exe

C:ValveSteamSteam.exe

C:Program FilesAIMaim.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Documents and SettingsPhillip ChungMy DocumentsHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = about:blank

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank

R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = about:blank

R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://adsonwww.com/servlet/ajrotator/128447/0/viewHTML?zone=enternet

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:PROGRA~1SPYWAR~1toolsiesdsg.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll

O2 - BHO: Internet Explorer Web Content Catcher  - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:Program FilesDNSCatcher.dll

O4 - HKLM..Run: [igfxTray] C:WINDOWSSystem32igfxtray.exe

O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe

O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"

O4 - HKLM..Run: [urlLSTCK.exe] C:Program FilesNorton Internet SecurityUrlLstCk.exe

O4 - HKLM..Run: [symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer

O4 - HKLM..Run: [Dell AIO Printer A920] "C:Program FilesDell AIO Printer A920dlbkbmgr.exe"

O4 - HKLM..Run: [YBrowser] C:Program FilesYahoo!browserybrwicon.exe

O4 - HKLM..Run: [iPInSightLAN 02] "C:Program FilesVisual NetworksVisual IP InSightSBCIPClient.exe" -l

O4 - HKLM..Run: [iPInSightMonitor 02] "C:Program FilesVisual NetworksVisual IP InSightSBCIPMon32.exe"

O4 - HKLM..Run: [Olympic] C:Documents and SettingsPhillip ChungApplication DatasgruntIE4321.exe

O4 - HKLM..Run: [system service79] C:WINDOWSetbpokapoka79.exe

O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP

O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe

O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k

O4 - HKCU..Run: [AIM] C:Program FilesAIMaim.exe -cnetwait.odl

O4 - HKCU..Run: [services32] C:Program FilesCommon FilesWindowsmc-67-525-0000166.exe

O4 - HKCU..Run: [DNS] C:Program FilesCommon Filesmc-67-525-0000166.exe

O4 - HKCU..Run: [spyware Doctor] C:PROGRA~1SPYWAR~1swdoctor.exe /Q

O4 - HKCU..Run: [steam] "c:valvesteamsteam.exe" -silent

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll

O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:Program FilesYahoo!Commonylogin.dll

O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:Program FilesYahoo!Commonylogin.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:Program FilesYahoo!Messengeryhexbmes.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:Program FilesYahoo!Messengeryhexbmes.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIMaim.exe

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe (file missing)

O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll

O16 - DPF: {00001021-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter21 Class) - http://download.netmarble.com/web/nmstarter/NMStarter21.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} (NMJPStarter15 Class) - http://www.netmarble.jp/_common/cab/NMStarterJP5.cab

O16 - DPF: {26417FBF-5235-4084-B8FD-DA6A956CE837} (CPActiveXGameRun Control) - http://game.netmarble.jp//_common/cab/CPActiveXGameRun.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.1.74.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/135de631fcc68f432303/netzip/RdxIE601.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {6FC19219-C47E-4880-9A79-D218A1C374F9} (NMJTransX Control) - http://file.netmarble.jp/Control/NMJTransX.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://download.netmarble.com/nProtect/nprotect/npx.cab

O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgemc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton Internet SecurityNorton AntiVirusnavapsvc.exe

O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:WINDOWSSystem32npkcsvc.exe

O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton Internet SecurityNorton AntiVirusSAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe

O23 - Service: YPCService - Yahoo! Inc. - C:WINDOWSSYSTEM32YPCSER~1.EXE


It's amazing how we tend to cycle through the same issues in these forums.  Anyway, I hope the below link helps aznboi970?  Please make sure you read carefully.

Your Friend,

compuworm

http://www.testmy.net/forum/index.php?topic=8306.0

P.S. In the future maybe it would be a good idea not to post possibly sensitive information such as the scan log of your system.


Hey, NICE RIDE, but still, COKNUCK, the name (Please, I mean no offense) brings forth a rather sexual interpretation.  I understand now the origin, interesting!  But, each to their own, right, I mean come on what kind of name is compuworm?  Computer + Bookworm = compuworm, right-NO.  I need a life!

Take care, have a Merry Christmas and a Happy New Year my Friend.  Toss a couple back for me (can't drink myself).
