hijack this log - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Closed Thread
Thread Tools Display Modes
Old 07-17-2005, 01:11 PM   #1 (permalink)
Newb Techie
Join Date: Jul 2005
Posts: 30
Default hijack this log

First, had no start up menu or icons on desktop
Could not revert to previous good start up
Could get to task manager ran cw shredder, ad aware (took over 6 hours), spybot, AVG free cleaned up what i could last night
Started searching lycos on a different computer today while I re ran cw, spybot, hijack this.
Prior to hijack this my icons and start menu came back with the following error message RUNDLL Error loading C:\WINDOWS\cfgmgr52.dll the specified module could not be found
Found in a forum to uncheck cfgmgr52.dll did so and restarted computer DEll Dimension 8100 128mg XP Pro SP2
now when i restart i get message that says that I have changed the way it starts up and to run it in normal. If i do that then I get the cfgmgr52 errror
I read in your forum to run hijack this so i did and would like to post my log HOW DO I DO THAT??
Warez Monster also talks about deleting an 02 BHO entry from Hijack this but I don't see it.
Am new at this forum stuff and trying to fix problems

dowhat is offline  
Old 07-17-2005, 01:12 PM   #2 (permalink)
Member (again)
macdude425's Avatar
Join Date: Jan 2005
Location: Raul's Wild Kingdom...How 'bout that, huh?
Posts: 4,202
Send a message via AIM to macdude425 Send a message via Yahoo to macdude425

I DO NOT suggest trying to fix problems that show up on your HJT log unless you know what they do.

Post a log in the HJT forum and let one of the log readers look at it for you.


Debian Support Forums!
macdude425 is offline  
Old 07-18-2005, 09:25 AM   #3 (permalink)
Newb Techie
Join Date: Jul 2005
Posts: 30
Default how do i post the hijack this log?

Do I copy it and paste it here??? in the message box???
dowhat is offline  
Old 07-18-2005, 12:11 PM   #4 (permalink)
Member (again)
macdude425's Avatar
Join Date: Jan 2005
Location: Raul's Wild Kingdom...How 'bout that, huh?
Posts: 4,202
Send a message via AIM to macdude425 Send a message via Yahoo to macdude425

Yes, just copy and paste the log into the reply box.

Debian Support Forums!
macdude425 is offline  
Old 07-18-2005, 04:23 PM   #5 (permalink)
Newb Techie
Join Date: Jul 2005
Posts: 30

Thanks, here's the file
Logfile of HijackThis v1.99.1
Scan saved at 10:30:44 AM, on 7/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\satn\emsa.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\OpenOffice.org1.1.4\program\soffice.exe
C:\Documents and Settings\Kate Brady\Desktop\hijackthis2\HijackThis.exe

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.d ll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WWWinkle Helper - {1897E906-6880-4ab9-8752-B80987FA7862} - C:\Program Files\Naturally Open\Search Panel\Search Panel.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.d ll
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Hums] C:\Program Files\satn\emsa.exe
O4 - HKCU\..\Run: [Ggavyd] C:\WINDOWS\system32\??mbols\rundll32.exe
O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: SmartUI.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Search Panel - {DD1358B9-6C8A-4f85-AC51-0A4171F77758} - C:\Program Files\Naturally Open\Search Panel\Search Panel.dll
O9 - Extra 'Tools' menuitem: Search Panel - {DD1358B9-6C8A-4f85-AC51-0A4171F77758} - C:\Program Files\Naturally Open\Search Panel\Search Panel.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1117736554675
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O20 - Winlogon Notify: Dynamic Directory - C:\WINDOWS\system32\umhisapi.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
dowhat is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Our Communities

Our communities encompass many different hobbies and interests, but each one is built on friendly, intelligent membership.

» More about our Communities

Automotive Communities

Our Automotive communities encompass many different makes and models. From U.S. domestics to European Saloons.

» More about our Automotive Communities

Marine Communities

Our Marine websites focus on Cruising and Sailing Vessels, including forums and the largest cruising Wiki project on the web today.

» More about our Marine Communities

Copyright 2002-2015 Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 06:37 PM.

Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2016, vBulletin Solutions, Inc.