Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HJT log


  • Please log in to reply
1 reply to this topic

#1 turboman

turboman

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 13 July 2005 - 02:28 AM

Logfile of HijackThis v1.99.1
Scan saved at 2:23:06 AM, on 7/13/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\EloSrvce.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
C:\WINDOWS\System32\EloDkMon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\FLStudio4\FL.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\BPFTP\bpftpserver.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.958\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ftp://24.31.27.111/
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} (WildTangent Active Launcher) - http://install.wildtangent.com/ActiveLaunc...iveLauncher.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6CDB8AE-92D0-4F4F-B18C-3D09132451C6}: NameServer = 192.168.1.1
O23 - Service: EloSystemService - Elo Touchsystems, Inc. - C:\WINDOWS\System32\EloSrvce.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,660 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:24 PM

Posted 14 July 2005 - 02:05 PM

What problems are you having? I really do not see anything wrong here. This entry does not seem normal so if you do not know what it is fix it hijackthis:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ftp://24.31.27.111/

To fix it , start hijackthis, click on scan, put a checkmark next to this entry and press fix.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users