dEeHC0Y
Premium
join:2002-12-10
Panorama City, CA

Help with HJT Log

Helping a friend out.

*_* Being forgetful & lazy (and also computer illiterate), I don't run virus checks often. Today, I did a virus scan with SpyKiller, and it found about 200 severe viruses on my PC.
Here is her HJT result. Can anyone help her? Thanks.

>Hmm, I did a HijackThis scan, but I don't understand the result:

Logfile of HijackThis v1.99.1
Scan saved at 6:02:17 PM, on 10/23/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1COMMON~1AOLACScsd.exe
c:PROGRA~1mcafee.com somcvsrte.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32wdfmgr.exe
C:WINDOWSwanmpsvc.exe
c:PROGRA~1mcafee.com somcshield.exe
C:PROGRA~1COMMON~1StardockSDMCP.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32hkcmd.exe
C:WINDOWSBCMSMMSG.exe
C:WINDOWSsystem32dla fswctrl.exe
C:WINDOWSSystem32DSentry.exe
C:Program FilesDellMedia ExperiencePCMService.exe
C:PROGRA~1mcafee.comgentmcagent.exe
C:Program FilesCommon FilesDellEUSWSupport.exe
C:PROGRA~1mcafee.com somcvsshld.exe
C:WINDOWSSystem32ezSP_Px.exe
C:WINDOWSSystem32spoolDRIVERSW32X86E_S0EIC1.EXE
C:WINDOWSSystem32cnbjmon8.exe
C:Program FilesDellSupportAlertinNotifyAlert.exe
C:Program FilesDU MeterDUMeter.exe
C:Program FilesNetLimiterNetLimiter.exe
C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe
C:WINDOWSSystem3298_150_ni_2.exe
C:Program FilesOperaOpera.exe
C:Documents and SettingsYuJBDesktopYouSendIt DownloadshijackthisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = »www.dell4me.com/myway
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = »www.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = »websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:WINDOWSsystem32dla fswshx.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FlashGetjccatch.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:Program FilesNetTransport 2NTIEHelper.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGet giebar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [IgfxTray] C:WINDOWSSystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM..Run: [dla] C:WINDOWSsystem32dla fswctrl.exe
O4 - HKLM..Run: [StorageGuard] "C:Program FilesCommon FilesSonicUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [DVDSentry] C:WINDOWSSystem32DSentry.exe
O4 - HKLM..Run: [PCMService] "C:Program FilesDellMedia ExperiencePCMService.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [VSOCheckTask] "c:PROGRA~1mcafee.com somcmnhdlr.exe" /checktask
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comgentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comgentMcUpdate.exe
O4 - HKLM..Run: [DwlClient] C:Program FilesCommon FilesDellEUSWSupport.exe
O4 - HKLM..Run: [VirusScan Online] c:PROGRA~1mcafee.com somcvsshld.exe
O4 - HKLM..Run: [ezShieldProtector for Px] C:WINDOWSSystem32ezSP_Px.exe
O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [EPSON Stylus Photo 820 Series] C:WINDOWSSystem32spoolDRIVERSW32X86E_S0EIC1.EXE /P29 "EPSON Stylus Photo 820 Series" /O5 "LPT1:" /M "Stylus Photo 820"
O4 - HKLM..Run: [bc6633b7dc87] C:WINDOWSSystem32cnbjmon8.exe
O4 - HKLM..Run: [WebRebates0] "C:Program FilesWeb_RebatesWebRebates0.exe"
O4 - HKLM..Run: [ca803a0cbacc] C:WINDOWSSystem32idispl3.exe
O4 - HKLM..Run: [EbatesMoeMoneyMaker0] "C:Program FilesEbates_MoeMoneyMakerEbatesMoeMoneyMaker0.exe"
O4 - HKLM..Run: [DU Meter] C:Program FilesDU MeterDUMeter.exe
O4 - HKLM..Run: [NetLimiter] C:Program FilesNetLimiterNetLimiter.exe /s
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKCU..Run: [ClockSync] C:PROGRA~1CLOCKS~1Sync.exe /q
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [ntmsapi] C:WINDOWSSystem32
tmsapi.exe
O4 - HKCU..Run: [SpyKiller] C:Program FilesSpyKillerspykiller.exe /startup
O4 - HKCU..Run: [BestPopUpKiller] C:Program FilesBestPopUpKillerBestPopupKiller.exe /startup
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN MessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [197_150_ni_2] C:WINDOWSSystem3297_150_ni_2.exe
O4 - HKCU..Run: [198_150_ni_2] C:WINDOWSSystem3298_150_ni_2.exe
O4 - HKCU..Run: [Ehhr] "C:Program Files aotnoo.exe" -vt rbnd
O4 - Startup: HDDlife.lnk = C:Program FilesHDDlifeHDDlife.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:Program FilesAmerica Online 9.0oltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O8 - Extra context menu item: Add to AD Black List - C:Program FilesAvant BrowserAddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:Program FilesAvant BrowserAddAllToADBlackList.htm
O8 - Extra context menu item: Download All by FlashGet - C:Program FilesFlashGetjc_all.htm
O8 - Extra context menu item: Download all by Net Transport - C:Program FilesNetTransport 2NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:Program FilesNetTransport 2NTAddLink.html
O8 - Extra context menu item: Download using FlashGet - C:Program FilesFlashGetjc_link.htm
O8 - Extra context menu item: Highlight - C:Program FilesAvant BrowserHighlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:Program FilesAvant BrowserOpenAllLinks.htm
O8 - Extra context menu item: Search - C:Program FilesAvant BrowserSearch.htm
O8 - Extra context menu item: Web Rebates - file://C:Program FilesWeb_RebatesSy1150Tp1150scri1150a.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGet lashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGet lashget.exe
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:Program FilesEbates_MoeMoneyMakerSy350Tp350scri350a.htm (file missing) (HKCU)
O16 - DPF: v3cab - »searchmiracle.com/cab/v3cab.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - »www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {2C197E55-080B-42A4-BFD0-9595B3534CF4} (KVPplugin00 Control) - »https://www.vpay.co.kr/KVPplugin01.cab
O16 - DPF: {340CCF52-D65F-4A11-80B3-13DC23697B59} (BugsInstall Control) - »player.bugs.co.kr/install/BugsIn···0_04.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - »by22fd.bay22.hotmail.msn.com/res···Upld.cab
O16 - DPF: {87067F04-DE4C-4688-BC3C-4FCF39D609E7} - »download.websearch.com/Dnl/T_501···_AS2.cab
O16 - DPF: {8EF27A70-DD04-11D6-B7F6-00A0C9CD5F8A} - »www.quikshield.com/qshsetup.exe
O16 - DPF: {9BED3AC7-E6D4-43E7-B8A1-1FA502F639E1} (XTools Control) - »player.bugs.co.kr/install/mv/XTools.cab
O16 - DPF: {B27CD839-871B-404F-9AB3-68B942D11BF4} (Oi Control) - »listen.daum.net/52st.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - »messenger.msn.com/download/MsnMe···ader.cab
O16 - DPF: {B7F6F3B0-F5D3-4C9D-A610-1619059CF55A} (ClickPopWeb Control) - »activexdown.paran.com/paranactiv···Pop2.cab
O16 - DPF: {C4662AFB-2596-4C42-8F56-A313C2823C0F} (WMLyrics Control) - »www.mylisten.com/wmi/WMLyrics.cab
O16 - DPF: {EACD6BE5-C0EE-4909-9B71-B2807C8A245C} (JukeOn Login Control) - »jukeon.dl.sayclub.com/jukeon/juk···onax.cab
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O20 - Winlogon Notify: MCPClient - C:PROGRA~1COMMON~1Stardockmcpstub.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:PROGRA~1COMMON~1AOLACScsd.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:PROGRA~1mcafee.com somcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:PROGRA~1mcafee.com somcvsrte.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:PROGRA~1COMMON~1SONYSH~1AVLibSptisrv.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:WINDOWSwanmpsvc.exe


La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
Please follow the instructions here:

»Security »I think my computer is infected or hijacked. What should I do?