Hijackthis Log Help. Please...

Gyurza, August 3rd, 2004, 07:13 PM, #1
Hijackthis Log Help. Please...

I got the Log from Hijack, what do I do now..

Logfile of HijackThis v1.98.1
Scan saved at 4:33:45 PM, on 8/3/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\stardock\TrayServer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
F:\Programs OSX\iTunesHelper.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\yuoocc.exe
C:\Documents and Settings\Diane\Start Menu\Skins&More®\YZ_OSX\YzToolBar.exe
C:\Documents and Settings\Diane\Start Menu\Skins&More®\Yzshadow\YzShadow.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Outlook Express\MSIMN.EXE
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Diane\LOCALS~1\Temp\Rar$EX00.860\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redi...er=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redi...=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.stardock.com/order.asp?product=IconPackager
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Safari By Kaliman®
O2 - BHO: twaintecObj Class - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Adobe Reader\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] "C:\Program Files\Common Files\stardock\TrayServer.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [iTunesHelper] F:\Programs OSX\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [wokbhli] C:\WINDOWS\System32\yuoocc.exe
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - Startup: Shortcut (2) to YzToolBar.lnk = ?
O4 - Startup: Shortcut to YzShadow.lnk = ?
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: SplashPanel v2a.LNK = C:\Program Files\SplashPanel\SplashPanel.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADA27A10-32D2-4426-92F5-DE083E885C9C}: NameServer = 208.38.65.37,208.38.65.35
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC750E79-FC92-44C3-A6F0-C526D00EFB52}: NameServer = 208.38.65.37,208.38.65.35
ben-the-slacker, August 3rd, 2004, 07:34 PM, #2
You should probably update and run Adaware, Spybot, and CWShredder before you run HJT.

C:\WINDOWS\System32\yuoocc.exe looks kinda suspicious, as well as some of those R1 entries.
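A small parser for the HijackThis log format posted in #1, added here as an example (it is not code from the thread or from HijackThis): it groups the R0/R1 Internet Explorer settings by the host they point at and checks whether each O4 Run entry's target appears in the running-process list. The function names are this example's own, and the embedded sample is a handful of lines copied from the log above.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Constructed sample: a few lines copied from the log in post #1.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\yuoocc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
O4 - HKLM\..\Run: [wokbhli] C:\WINDOWS\System32\yuoocc.exe
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
"""

ENTRY = re.compile(r"^([A-Z]\d+) - (.*)$")            # e.g. "R1 - ...", "O17 - ..."
RUN = re.compile(r'^(HK\w+)\\\.\.\\Run: \[(.+?)\] "?(.+?)"?$')

def parse(log):
    """Return (running process paths, {section code: [entry bodies]})."""
    procs, entries, in_procs = [], defaultdict(list), False
    for line in log.splitlines():
        line = line.strip()
        m = ENTRY.match(line)
        if m:
            in_procs = False
            entries[m.group(1)].append(m.group(2))
        elif line == "Running processes:":
            in_procs = True
        elif in_procs and line:
            procs.append(line)
    return procs, entries

def ie_hosts(entries):
    """Group R0/R1 registry values by the host their URL points at."""
    hosts = defaultdict(list)
    for code in ("R0", "R1"):
        for body in entries.get(code, []):
            key, _, value = body.partition(" = ")
            url = value if "://" in value else "//" + value  # scheme-less values
            hosts[urlparse(url).hostname].append(key)
    return hosts

def run_entries(procs, entries):
    """(hive, name, path, running?) per O4 Run key; bare file names never match."""
    running = {p.lower() for p in procs}
    hits = (RUN.match(b) for b in entries.get("O4", []))
    return [(*m.groups(), m.group(3).lower() in running) for m in hits if m]
```

Run over the full log, `ie_hosts` shows how many separate search-related settings share one host, and `run_entries` pairs each startup entry with whether its executable was live at scan time.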
Martoch, August 3rd, 2004, 07:39 PM, #3
http://www.techimo.com/forum/t116590.html
