
Hijack This Log


  • This topic is locked
1 reply to this topic

#1 swebeans

swebeans

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:39 AM

Posted 10 October 2005 - 12:55 PM

WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
c:Program FilesCommon FilesSymantec SharedccSetMgr.exe
c:Program FilesNorton AntiVirusnavapsvc.exe
c:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
c:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
c:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1COMMON~1AOLACSAOLacsd.exe
c:Program FilesCommon FilesLightScribeLSSrvc.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
c:Program FilesNorton AntiVirusIWPNPFMntor.exe
C:WINDOWSsystem32svchost.exe
c:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe
C:Program FilesJavaj2re1.4.2_03binjusched.exe
C:windowssystemhpsysdrv.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSsystem32hphmon06.exe
C:HPKBDKBD.EXE
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSAGRSMMSG.exe
c:Program FilesNorton AntiVirusSAVScan.exe
C:hpdrivershplsbwatcherlsburnwatcher.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesCommon FilesAOLACSAOLDial.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSALCWZRD.EXE
C:WINDOWSALCMTR.EXE
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesAIMaim.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesiPodbiniPodService.exe
C:Program FilesCommon FilesAOL1128008267eeAOLHostManager.exe
C:Program FilesCommon FilesAOL1128008267eeAOLServiceHost.exe
C:Program FilesAmerica Online 9.0aoltray.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
C:Program FilesUpdates from HP309731ProgramUpdates from HP.exe
C:Program FilesCommon FilesAOL1128008267eeAOLServiceHost.exe
C:WINDOWSsystem32HPZipm12.exe
C:Program FilesSpyware CleanerSpywareCleaner.exe
C:Program FilesAmerica Online 9.0waol.exe
C:Program FilesAmerica Online 9.0shellmon.exe
C:Program FilesCommon FilesAolaoltpspd.exe
C:DOCUME~1HP_OwnerLOCALS~1TempTemporary Directory 5 for HijackThis.zipHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.optonline.net/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://3com.snap.com
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: MSEvents Object - {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152} - C:WINDOWSsystem32ssqpp.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:Program FilesHPDigital ImagingbinHPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:Program FilesAOL Toolbartoolbar.dll (file missing)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:Program FilesAIM ToolbarAIMBar.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnycomp5_5_7_0.dll
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_03binjusched.exe
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 - HKLM..Run: [HPHUPD06] c:Program FilesHP{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}hphupd06.exe
O4 - HKLM..Run: [HPHmon06] C:WINDOWSsystem32hphmon06.exe
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [UpdateManager] "C:Program FilesCommon FilesSonicUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [VTTimer] VTTimer.exe
O4 - HKLM..Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM..Run: [ccApp] "c:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe
O4 - HKLM..Run: [LSBWatcher] c:hpdrivershplsbwatcherlsburnwatcher.exe
O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [AOLDialer] C:Program FilesCommon FilesAOLACSAOLDial.exe
O4 - HKLM..Run: [Pure Networks Port Magic] "C:PROGRA~1PURENE~1PORTMA~1PortAOL.exe" -Run
O4 - HKLM..Run: [ISUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1ISUSPM.exe -startup
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [HostManager] C:Program FilesCommon FilesAOL1128008267eeAOLHostManager.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [AIM] C:Program FilesAIMaim.exe -cnetwait.odl
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [Spyware Cleaner] "C:Program FilesSpyware CleanerSpywareCleaner.Exe" /boot
O4 - Startup: HP Organize.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:Program FilesAmerica Online 9.0aoltray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O4 - Global Startup: Updates from HP.lnk = C:Program FilesUpdates from HP309731ProgramUpdates from HP.exe
O8 - Extra context menu item: &AIM Search - res://C:Program FilesAIM ToolbarAIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:Program FilesAOL Toolbartoolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Add To HP Organize... - C:PROGRA~1HEWLET~1HPORGA~1bin/module.main/favoritesie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MI1933~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2_03binnpjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2_03binnpjpi142_03.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:Program FilesAOL Toolbartoolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:Program FilesAOL Toolbartoolbar.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIMaim.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:Program FilesCommon FilesMicrosoft SharedEncarta Search BarENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:Program FilesAWSWeatherBugWeather.exe (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://3com.snap.com
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O17 - HKLMSystemCCSServicesTcpip..{AF1EDAC5-20C0-4742-B118-8E77A89476B5}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O20 - Winlogon Notify: ssqpp - C:WINDOWSsystem32ssqpp.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:PROGRA~1COMMON~1AOLACSAOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:PROGRA~1COMMON~1AOLAOLSPY~1\aolserv.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: CWShredder Service - InterMute, Inc. - C:Documents and SettingsHP_OwnerLocal SettingsTemporary Internet FilesContent.IE51GNAI71Kcwshredder[1].exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:Program FilesNorton AntiVirusnavapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:Program FilesNorton AntiVirusIWPNPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:Program FilesNorton AntiVirusSAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
O23 - Service: SpywareCleanerService - Secure Computer, LLC - C:Program FilesSpyware CleanerSCService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe



------------------------------------------------

Regards,

The BleepingComputer.com team.
http://www.bleepingcomputer.com/forums/index.php



Hi swe,

Please don't PM your HJT Log to me, post it on the forum in a reply to your topic,

Bertha





#2 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:02:39 AM

Posted 15 October 2005 - 07:27 PM

This is a duplicate posting.
swebeans is being helped by MowGreen
http://www.bleepingcomputer.com/forums/ind...topic=32356&hl=