Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My Hijackthis Log.


  • This topic is locked This topic is locked
1 reply to this topic

#1 hetzer

hetzer

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:08 PM

Posted 08 October 2006 - 07:41 AM

Ok, now im desperate. My collage laptop has decided to fall apart.
I think i had a virus called ishost.exe a 4 days agoo. I managed to get rid of that.
The laptop worked for about 7 hours then it started fu****g with me agian.
Done every virus scan i have on the comp, ad-adware, spybot s&d.

So now i hope any one here could find whats wrong.
p.s i cant connect to the internet on the laptop so i used my usb stick.
I cant get a ip adress on my router, I had to pre set the ip to a ip i know that it work in my network (wireless).
So the internet works on my stationery comp. (duh :thumbsup: ).

Here comes the hijackthislog on my laptop.

Logfile of HijackThis v1.99.1
Scan saved at 14:27:33, on 2006-10-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Intel\Wireless\Bin\EvtEng.exe
C:\Program\Intel\Wireless\Bin\S24EvMon.exe
C:\Program\Intel\Wireless\Bin\WLKeeper.exe
C:\Program\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program\Dell\Bluetooth Software\bin\btwdins.exe
C:\Program\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program\F-Secure\fswsclds.exe
C:\Program\F-Secure\Anti-Virus\fssm32.exe
C:\Program\Intel\Wireless\Bin\RegSrvc.exe
C:\Program\F-Secure\Common\FSMA32.EXE
C:\Program\F-Secure\Common\FSMB32.EXE
C:\Program\F-Secure\Common\FCH32.EXE
C:\Program\F-Secure\Common\FAMEH32.EXE
C:\Program\Apoint\Apoint.exe
C:\Program\Dell\QuickSet\quickset.exe
C:\Program\F-Secure\Common\FSM32.EXE
C:\Program\Apoint\Apntex.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program\D-Tools\daemon.exe
C:\Program\QuickTime\qttask.exe
C:\WINDOWS\system32\YSTEM3~1\regedit.exe
C:\WINDOWS\?ystem\t?skmgr.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Documents and Settings\fr89vima\Skrivbord\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/se/sve/gen/default.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gymnasium.sundsvall.se
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/se/sve/gen/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {EC17EEDF-753E-06C9-14F2-01E2EA707AB5} - C:\WINDOWS\system32\ukg.dll
O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Program\VSToolbar\VSToolBar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Mesa] "C:\WINDOWS\system32\YSTEM3~1\regedit.exe" -vt yazb
O4 - HKCU\..\Run: [Jafb] C:\WINDOWS\?ystem\t?skmgr.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program\Dell\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: FirstClass® - {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP chain gap (#18 in chain of 24 missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.gymnasium.sundsvall.se
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) - http://skola.sundsvall.se/ClientDownloads/fcplugin.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by110fd.bay110.hotmail.msn.com/activex/HMAtchmt.ocx
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = karavanen.local
O17 - HKLM\Software\..\Telephony: DomainName = karavanen.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = karavanen.local
O18 - Protocol: fcp - {B3133379-8789-4D3C-9593-C205D7297501} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\Program\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program\Dell\Bluetooth Software\bin\btwdins.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program\F-Secure\fswsclds.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program\Delade filer\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program\Delade filer\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program\Intel\Wireless\Bin\WLKeeper.exe

---------------------------------------------------------------------------------------------------------------

Thanks on beforehand.

BC AdBot (Login to Remove)

 


#2 hetzer

hetzer
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:08 PM

Posted 11 October 2006 - 02:19 AM

Nevermind this one, got help from another site.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users