Jump to content


Photo

My Hijack This log, What should i remove


  • This topic is locked This topic is locked
3 replies to this topic

#1 Katten

Katten

    Member

  • New Member
  • Pip
  • 2 posts

Posted 22 July 2004 - 06:30 PM

This is my Hijack this Process Log, Please, need help telling which to remove, and how if not just 'fix'


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
C:\WINDOWS\System32\Oyhp.exe
C:\WINDOWS\System32\PabIe.exe
C:\Documents and Settings\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - {965A592F-8EFA-4250-8630-7960230792F1} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5FA6752A-C4A0-4222-88C2-928AE5AB4966} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [4898HYN348TW4S] C:\WINDOWS\System32\Reyd5kLt.exe
O4 - HKLM\..\Run: [4s3W3sg] imapsetu.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe /waitservice
O4 - HKCU\..\Run: [AIM] C:\Program Files\Aim Master\aim.exe -cnetwait.odl
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Aim Master\aim.exe
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\Program Files\Agnitum\Outpost Firewall\TRASH.EXE (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\Program Files\Agnitum\Outpost Firewall\TRASH.EXE (HKCU)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....119/CTSUEng.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....12119/CTPID.cab

#2 FZWG

FZWG

    Chopper 1 - NTF

  • Emeritus
  • PipPipPipPipPip
  • 2,125 posts

Posted 23 July 2004 - 11:29 AM

Katten,

Taking a look at your HijackThis log.

There is always a header at the top of the log which states:
Logfile of HijackThis...
Scan Saved....
Platform...
MSIE...

We need that information.

If you do not already have it, a new version of HijackThis (version 1.98) is available here: http://www.spywarein.../downloads.html

Please use the new version, and post a new log.

Will then check out its entries and get back with you.

Have a good day!

Edited by FZWG, 23 July 2004 - 12:49 PM.

IPB Image

There are times when everything is understood...then one regains consciousness!

#3 ArcticCat

ArcticCat

    Member

  • New Member
  • Pip
  • 3 posts

Posted 23 July 2004 - 07:05 PM

FZWG, that link is kaput, did you post an edit?

#4 FZWG

FZWG

    Chopper 1 - NTF

  • Emeritus
  • PipPipPipPipPip
  • 2,125 posts

Posted 23 July 2004 - 07:07 PM

ArcticCat,

Tried it three times, and it worked every time!

If nothing else, do a Google search for HijackThis 1.98 Merijn.org

Edited by FZWG, 23 July 2004 - 07:12 PM.

IPB Image

There are times when everything is understood...then one regains consciousness!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button