Jump to content


Photo

Hijack This Log Help


  • Please log in to reply
1 reply to this topic

#1 robss2k

robss2k

    Member

  • New Member
  • Pip
  • 2 posts

Posted 19 July 2004 - 11:42 AM

Can anyone please help me decifer the following log and let me know which ones to delete? Thanks.


Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\cusrvc.exe
C:\PROGRA~1\Navnt\DefWatch.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\Navnt\Rtvscan.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mfcfp.exe
\caldwell_p\sys\public\clntrust.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\WINNT\system32\Promon.exe
C:\WINNT\system32\NWTRAY.EXE
C:\Program Files\Compaq\Compaq EAB Software\cpqek.exe
C:\WINNT\System32\NMSSvc.exe
C:\Program Files\Navnt\vptray.exe
C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Apps\Updater\01.02.0001.1004\en-us\msnappau.exe
C:\WINNT\sdkxl32.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\iISystem Wiper\SystemWiper.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\PROGRA~1\IBM\CLIENT~1\Emulator\pcsws.exe
C:\PROGRA~1\IBM\CLIENT~1\Emulator\pcsws.exe
C:\PROGRA~1\IBM\CLIENT~1\Emulator\pcsws.exe
C:\Program Files\Microsoft Office\Office10\msoffice.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\PROGRA~1\IBM\CLIENT~1\Emulator\PCSCM.EXE
C:\PROGRA~1\IBM\CLIENT~1\cwblmsrv.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\WINNT\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Compaq\Compaq EAB Software\Usb2k.exe
C:\WINNT\System32\MsiExec.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\DHAHN\LOCALS~1\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.1.1.14:8080
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {D52EE593-D7B3-1A42-0717-0E8B9A8D79E2} - C:\WINNT\system32\ntvd.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\CwbSvStr.Exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [cpqek] C:\Program Files\Compaq\Compaq EAB Software\cpqek.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\Navnt\vptray.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0001.1004\en-us\msnappau.exe"
O4 - HKLM\..\Run: [sdkxl32.exe] C:\WINNT\sdkxl32.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [\IEService.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IESERV~1\IEService.exe
O4 - HKCU\..\Run: [iIWiper] C:\Program Files\iISystem Wiper\SystemWiper.exe m
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {1678F7E1-C422-11D0-AD7D-00400515CAAA} - http://files.cometsy...ursor/comet.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.co...etup1.0.0.8.cab
O16 - DPF: {4E7BD74F-2B8D-469E-D7EE-FE6FA781BF33} - http://downloads.net...ar/netscape.cab
O16 - DPF: {5CE8C9BE-B561-4311-8C03-D6F6C1CAF7E1} (CSND_AX.ctlCSND_AX) - http://wwss1pro.comp...ect/CSND_AX.CAB
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai....21/cpbrkpie.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {C7B05B62-C8D7-438C-840B-4994DAAA8EEE} - http://webpdp.gator....ptdmgainads.cab

#2 robss2k

robss2k

    Member

  • New Member
  • Pip
  • 2 posts

Posted 02 August 2004 - 01:24 PM

Bump ;D




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button