Techist - Tech Forum

Techist - Tech Forum (http://www.techist.com/forums/)
-   Microsoft Windows and Software (http://www.techist.com/forums/f9/)
-   -   hijack this question? (http://www.techist.com/forums/f9/hijack-question-14977/)

jaksback 04-22-2004 02:07 PM

hijack this question?
 
here is my hijack this log, what should be fixed?

Logfile of HijackThis v1.97.7
Scan saved at 11:08:24 AM, on 4/22/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINNT\System32\smss.exe
D:\WINNT\system32\winlogon.exe
D:\WINNT\system32\services.exe
D:\WINNT\system32\lsass.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\system32\spoolsv.exe
D:\Program Files\EPSON\ESM2\eEBSVC.exe
D:\WINNT\system32\cisvc.exe
D:\WINNT\System32\svchost.exe
D:\PROGRA~1\Iomega\System32\AppServices.exe
D:\WINNT\system32\nvsvc32.exe
D:\WINNT\system32\regsvc.exe
D:\WINNT\system32\MSTask.exe
D:\WINNT\system32\stisvc.exe
D:\WINNT\System32\VetMsgNT.exe
D:\WINNT\system32\ZONELABS\vsmon.exe
D:\WINNT\System32\WBEM\WinMgmt.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\Explorer.EXE
D:\Program Files\planetscott.ca\PopupBlock\PopupBlock.exe
D:\PROGRA~1\CA\ETRUST~1\ETRUST~1\ca.exe
D:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exe
D:\WINNT\system32\RUNDLL32.EXE
D:\WINNT\system32\spool\drivers\w32x86\3\hpztsb07. exe
D:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
D:\Documents and Settings\jack mosher\Local Settings\Temp\FreeRAM XP Pro 1.40.exe
D:\WINNT\system32\cidaemon.exe
D:\WINNT\System32\svchost.exe
D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
D:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
D:\Program Files\JetAudio\JetAudio.exe
D:\PROGRA~1\mozilla.org\Mozilla\Mozilla.exe
D:\Documents and Settings\jack mosher\My Documents\dowloads from school\adware****\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/cust...//my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.yahoo.com
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.yahoo.com"); (D:\Documents and Settings\jack mosher\Application Data\Mozilla\Profiles\default\jbh67wa8.slt\prefs.j s)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://D%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (D:\Documents and Settings\jack mosher\Application Data\Mozilla\Profiles\default\jbh67wa8.slt\prefs.j s)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0. dll
O2 - BHO: (no name) - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - D:\Program Files\planetscott.ca\PopupBlock\PBHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0. dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PopupBlock] D:\Program Files\planetscott.ca\PopupBlock\PopupBlock.exe
O4 - HKLM\..\Run: [Zone Labs Client] D:\PROGRA~1\CA\ETRUST~1\ETRUST~1\ca.exe
O4 - HKLM\..\Run: [VetTray] D:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VortexTray] D:\WINNT\au30setp.exe 3
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINNT\system32\spool\drivers\w32x86\3\hpztsb07. exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKCU\..\Run: [SpySweeper] D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [FreeRAM XP] "D:\Documents and Settings\jack mosher\Local Settings\Temp\FreeRAM XP Pro 1.40.exe" -win
O4 - HKCU\..\Run: [Mozilla Quick Launch] "D:\Program Files\mozilla.org\Mozilla\Mozilla.exe" -turbo
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: EPSON Background Monitor.lnk = D:\Program Files\EPSON\ESM2\STMS.exe
O8 - Extra context menu item: Yahoo! Dictionary - file:///D:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///D:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://usercenter.cox.net/rsuite/sdc...cx_tgctlcm.jsp
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://courses.mindleaders.com/dpec/...bs/awswaxf.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeup...ntent/opuc.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.co...veX/winrep.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...063.3227546296
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {D3D83E08-54D1-4E9D-8EAF-9F979D139294} (MaxisSimCityScapeTeleX Control) - http://simcity.ea.com/scape/teleport...ScapeTeleX.cab

any help would be appreciated....

jaksback 04-26-2004 04:56 PM

for crying out loud, won't someone help me with this?

Oo DaRk StAr oO 04-26-2004 06:08 PM

Id love to help but I am not sure what exactly I am looking for.

jaksback 04-27-2004 12:32 AM

well, it's not the most current now anyways.......but.......if anyone else has any idea how to best use hijack so that I don't royally screw things up, then I'll update the log file.


All times are GMT -5. The time now is 06:00 PM.

Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2018, vBulletin Solutions, Inc.