|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
You don't need a fax machine to get faxes. Get a fax-to-email fax number from CallWave. Try it free.
|
|
#1
July 30th, 2004, 11:11 PM
|
|||
|
|||
|
Hijack This Help???
I am new to all of this (even forums) and I am looking for some help I am concerned I am concerned about the stuff below the ********************************
If anyone can help I would appreciate it... Thanks in advance Logfile of HijackThis v1.98.0 Scan saved at 3:48:28 PM, on 7/29/2004 Platform: Windows 2000 SP2 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\Explorer.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Internet Optimizer\optimize.exe C:\WINNT\System32\vqjajku.exe C:\Program Files\Internet Optimizer\actalert.exe C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppdirector.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINNT\System32\hppapml0.exe C:\Documents and Settings\Paul Esterline\My Documents\Paul\Computer Stuff\Fixing Browser Issues\HijackThis.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.f612.mail.yahoo.com/ym/login?.rand=4k7p2g0rmumem R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://us.f612.mail.yahoo.com/ym/login?.rand=ds1juss844nqk R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINNT\nem219.dll O2 - BHO: twaintecObj Class - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINNT\twaintec.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINNT\2_0_1browserhelper2.dll O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\WINNT\System32\apuc.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [HP SchedIndexer] C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppschedindexer.exe O4 - HKLM\..\Run: [HP AutoIndexer] C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppautoindexer.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" O4 - HKLM\..\Run: [qjyelm] C:\WINNT\System32\vqjajku.exe O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe O4 - HKLM\..\Run: [alchem] C:\WINNT\alchem.exe O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe O4 - Global Startup: HP LaserJet Director.lnk = C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppdirector.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=0c8f9c464b4dcd5555167068824acacb7b7f55a8b57135786038853b6e841b9a57f3f159a6541ef5d788b8d13da80dca2c 11:1e8b55ca59297b294d12cbd5372935d8 O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/21613babc12fe94f0104/netzip/RdxIE601.cab ***************************************** O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINNT\2_0_1browserhelper2.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" O4 - HKLM\..\Run: [qjyelm] C:\WINNT\System32\vqjajku.exe O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/21613babc12fe94f0104/netzip/RdxIE601.cab
|
|
#2
July 31st, 2004, 04:00 AM
|
||||
|
||||
|
You posted exactly the same thread only a few days ago. Please could you just wait and give someone time to check your log. I've closed the other thread.
|
|
#3
August 17th, 2004, 02:52 PM
|
|||
|
|||
|
There there
Delete at least these:
O4 - HKLM\..\Run: [alchem] C:\WINNT\alchem.exe O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=0c8f9c464b4dcd5555167068824acacb7b7f55a8b57135786038853b6e841b9a57f3f159a6541ef5d788b8d13da80dca2c 11:1e8b55ca59297b294d12cbd5372935d8 O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe You need to delete the files from your hard drive as well. Make sure you close them before deleting (through Task Manager in Windows XP) & don't close Task Manager before you empty your trash can. Good luck...
|
|
| Viewing: Dev Shed Forums > System Administration > Antivirus Protection > Hijack This Help??? |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
