Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft Network Information


  • Please log in to reply
1 reply to this topic

#1 hoboken

hoboken

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:12 AM

Posted 11 May 2005 - 10:36 PM

Hi - Im having the same problem as carioca Posted: Apr 24 2005 and rmz (posted Mar 28 2205). I ran HJT, but I get a different log output than they did, so I don't want to risk messing anything up by doing the exact same thing they did... Can you please help me out? Here is my HJT log below. Thanks!

Logfile of HijackThis v1.99.1
Scan saved at 11:31:49 PM, on 5/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAheadInCDInCDsrv.exe
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanmcshield.exe
C:Program FilesNetwork AssociatesVirusScan stskmgr.exe
C:WINDOWSSystem32WLTRYSVC.EXE
C:WINDOWSSystem32cmwltry.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32hkcmd.exe
C:Program FilesCommon FilesRealUpdate_OBevntsvc.exe
C:Program FilesAheadInCDInCD.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSstisvsq.exe
C:WINDOWSsvshost.exe
C:Program FilesiPodiniPodService.exe
C:WINDOWSmsqdevl.exe
C:WINDOWSlssas.exe
C:WINDOWSmservice.exe
C:Program FilesNetwork AssociatesVirusScanSHSTAT.EXE
C:Program FilesNetwork AssociatesCommon FrameworkUpdaterUI.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSiau.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FileseFax Messenger Plus 3.3J2GDllCmd.exe
C:Program FilesGroove NetworksGrooveBinGroove.exe
C:Program FilesInterVideoCommonBinWinCinemaMgr.exe
C:Program FilespalmOneHOTSYNC.EXE
C:WINDOWSsystem32wuauclt.exe
C:Program FilesMozilla Firefox irefox.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
D: mp mpHijackThis.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=http://127.0.0.1:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program FilesGroove NetworksGrooveBinGrooveShellExtensions.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM..Run: [IgfxTray] C:WINDOWSSystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [TkBellExe] C:Program FilesCommon FilesRealUpdate_OBevntsvc.exe -osboot
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [removecpl] RemoveCpl.exe
O4 - HKLM..Run: [WinampAgent] "C:Program FilesWinamp3winampa.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] C:Program FilesiTunesiTunesHelper.exe
O4 - HKLM..Run: [Microsoft Internet Acceleration Utility] iau.exe
O4 - HKLM..Run: [Internet Connection Wizard] stisvsq.exe
O4 - HKLM..Run: [Games Acceleration] svshost.exe
O4 - HKLM..Run: [Internet Mail and News] msqdevl.exe
O4 - HKLM..Run: [Microsoft Management Console] lssas.exe
O4 - HKLM..Run: [Multimedia extensions] mservice.exe
O4 - HKLM..Run: [ShStatEXE] "C:Program FilesNetwork AssociatesVirusScanSHSTAT.EXE" /STANDALONE
O4 - HKLM..Run: [McAfeeUpdaterUI] "C:Program FilesNetwork AssociatesCommon FrameworkUpdaterUI.exe"
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Microsoft Internet Acceleration Utility] iau.exe
O4 - HKCU..Run: [Internet Connection Wizard] stisvsq.exe
O4 - HKCU..Run: [Games Acceleration] svshost.exe
O4 - HKCU..Run: [Internet Mail and News] msqdevl.exe
O4 - HKCU..Run: [Microsoft Management Console] lssas.exe
O4 - HKCU..Run: [Multimedia extensions] mservice.exe
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - Startup: HotSync Manager.lnk = C:Program FilespalmOneHOTSYNC.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: eFax Live Menu 3.3.lnk = C:Program FileseFax Messenger Plus 3.3J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 3.3.lnk = C:Program FileseFax Messenger Plus 3.3J2GTray.exe
O4 - Global Startup: Groove Virtual Office.lnk = C:Program FilesGroove NetworksGrooveBinGroove.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:Program FilesInterVideoCommonBinWinCinemaMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O15 - Trusted Zone: http://www.usaa.com
O15 - Trusted Zone: http://www.lc.usaa.com
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: Groove Audit Service (GrooveAuditService) - Groove Networks, Inc. - C:Program FilesGroove NetworksGrooveBinGrooveAuditService.exe
O23 - Service: Groove Installer Service (GrooveInstallerService) - Groove Networks, Inc. - C:Program FilesGroove NetworksGrooveBinGrooveInstallerService.exe
O23 - Service: GrooveRunOnceInstaller - Unknown owner - <PROGRAMDIR>GrooveRunOnceInstaller.exe (file missing)
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:Program FilesAheadInCDInCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:Program FilesiPodiniPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:Program FilesNetwork AssociatesVirusScanmcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:Program FilesNetwork AssociatesVirusScan stskmgr.exe
O23 - Service: WLTRYSVC - Unknown owner - C:WINDOWSSystem32WLTRYSVC.EXE

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,542 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:12 AM

Posted 12 May 2005 - 12:11 PM

Please run two online virus scans:

http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
http://www.kaspersky.com/service?chapter=161739400#betatest

Then let us know if its working better and what the scans found.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users