Jump to content


Hijackthis Log PLEASE HELP !!

  • Please log in to reply
1 reply to this topic

#1 marxvet



  • Full Member
  • Pip
  • 12 posts

Posted 14 July 2004 - 07:44 AM

Logfile of HijackThis v1.97.7
Scan saved at 10:24:49, on 08/07/2004
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\Program Files\ComputerAssociates\NTAgent\Ntagent.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\ComputerAssociates\ARCserveITDS\asdscsvc.exe
C:\Program Files\ComputerAssociates\ARCserveITDS\Liccheck.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Real\RealJukebox\tsystray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\Common Files\System\MAPI\1033\nt\MAPISP32.EXE
C:\Program Files\MDT5\acad.exe
C:\MISC DWGS\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,Search Page = http://vrape.hardlov...rch.php?id=2&s=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.sma...t/7search/?hkcu
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default-homep.../start.cgi?hklm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.sma...t/7search/?hklm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = PLEXUS01:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
O1 - Hosts: ie.search.msn.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5FA6752A-C4A0-4222-88C2-928AE5AB4966} - C:\WINNT\System32\SWin32.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [RealJukeboxSystray] "C:\Program Files\Real\RealJukebox\tsystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [System Tray] C:\Documents and Settings\slr\My Documents\ref-394755.pif
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [TrayX] C:\WINNT\winppr32.exe /sinc
O4 - HKLM\..\Run: [winmain] winmain.exe
O4 - HKLM\..\Run: [Adstartup] C:\WINNT\System32\automove.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [System Tray] C:\Documents and Settings\slr\My Documents\ref-394755.pif
O4 - HKCU\..\Run: [TrayX] C:\WINNT\winppr32.exe /sinc
O4 - HKCU\..\Run: [iedll] c:\WINNT\iedll.exe
O4 - HKCU\..\Run: [loader] c:\WINNT\loader.exe
O4 - HKCU\..\Run: [System Soap Pro] C:\Program Files\System Soap Pro\soap.exe min
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - Global Startup: PowerPanel.lnk = C:\Program Files\PowerPanel\Program\PcfMgr.exe
O4 - Global Startup: VAIO Action Setup (Server).lnk = C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O13 - DefaultPrefix:
O13 - WWW Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = posgrip.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = posgrip.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = posgrip.com

#2 daveai


    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 1,214 posts

Posted 02 September 2004 - 11:08 PM

Thanks for sending your HijackThis logfile. We apologize for the delay in responding. The volunteers working here are swamped, and unfortunately some requests don't get ansered in a timely manner.

If you still need some help with your problem, please respond to this with a fresh HijackThis log.

I will be notified automatically when that happens.

If you found our service worthwhile, and want to help keep SpwareInfo running please consider donating here.

"Applying computer technology is simply finding the right wrench to pound in the correct screw." Anonymous

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of

Support SpywareInfo Forum - click the button
PayPal - The safer, easier way to pay online!