Please help me with my hyjackthis log

Posted 4/12/2003 9:42 PM
#12806
User avatar

smithy9869 Member

Date Joined Nov 2016
Total Posts: 6
[table cellSpacing=0 cellPadding=0 width="98%" align=center border=0]
[tr ][td class=msgThreadInfo vAlign=bottom noWrap height=20][/td][td class=msgThreadInfo vAlign=bottom noWrap align=right height=20]User imageUser image[/td][/tr][tr ][td class=msgThread2 style="BORDER-RIGHT: buttonshadow 1px outset; HEIGHT: 170px" vAlign=top colSpan=2]



Hi,


I hope someone would be kind enough to help me sort out a few problems that i have with my pc. I will quickly explain the few faults i have...............1, MSN messenger wont let me log in, and when i do get in, all the icons and the little men are upsidedown????Weird... 2, Sometimes when i open IE, it doesnt go to my usual google page, but instead i get a porn window, and these porn windows pop-up from time to time on their own accord???

3, Also, i use zone alarm as my firewall, and i keep getting an alert about "abetterinternet" is trying to access the internet, when i get this i click the box to say remember this setting and then i deny it, but it still keeps coming back!!!!

4, Ive tried to install realplayer, once installed and i click on the realplayer icon to open it, nothing happens...



I have ran many different spyware programs to try and cure these problems to no avail!!!

I have also uninstalled/re-installed msn messenger and realplayer many times but still having major probs. The thing is...windows messenger works fine, but not MSN......



The spy programs i have used are:---Spybot search+distroy,pest patrol,cw shredder,ad-aware se,spyware doctor,spy sweeper,and Xoftspy. I done all these last night exept cw shredder, and pest patrol found 2820 problems, so i thought all was gonna be ok.....How wrong i was.



I would really apprieciate it if someone could help me with my Hyjackthis logfile....Its doing my head in...

P.S Can u explain what i have to do in easy terms please, as im not a pc wizard.



Thanks in advance

Darren



MY logfile:----



Logfile of HijackThis v1.99.1
Scan saved at 13:58:41, on 04/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Roxio\GoBack\GBPoll.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\HHVcdV5Sys\VC5SecS.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Ahead\InCD\InCD.exe
c:\windows\system32\vbcoqp.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\NetPumper\NetPumperIEProxy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [color=#800080>http://www.google.co.uk/[/url]
R1]http://www.staples.co.uk/[/color]

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [color=#800080>http://www.google.co.uk/[/url]
R0]F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O1 - Hosts: 69.50.166.11 google.co.uk
O1 - Hosts: 69.50.166.11
www.google.es[/color]
O1 - Hosts: 69.50.166.11 google.es
O1 - Hosts: 69.50.166.11 google.com.au
O1 - Hosts: 66.218.75.184 mail.yahoo.com
O1 - Hosts: 69.50.166.12 [color=#0000ff>www.go.com[/url]
O1]O1 - Hosts: 69.50.166.13 astalavista.com
O1 - Hosts: 69.50.166.13
www.astalavista.com[/color]
O1 - Hosts: 69.50.166.13 astalavista.box.sk
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AddressBar Class - {1474CE44-8057-4AE3-8F3E-ED37C7C63D8A} - C:\WINDOWS\system32\iasad.dll (file missing)
O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - C:\WINDOWS\Bolger.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} - C:\WINDOWS\system32\nsl50.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [NetPumper] "C:\Program Files\NetPumper\NetPumperIEProxy.exe"
O4 - HKLM\..\Run: [NeroCheck] D:\Tools\Nero\Nero55\Nero\Misc\NeroCheck.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ncyjoh] c:\windows\system32\vbcoqp.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Inicio - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.staples.co.uk/
O16 - DPF: Yahoo! Chat - [color=#0000ff>http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab[/url]
O16]http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab[/color]

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - [color=#0000ff>http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab[/url]
O16]http://static.windupdates.com/cab/DownloadAccess/ie/bridge-c338.cab[/color]

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - [color=#0000ff>http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab[/url]
O16]http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab[/color]

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - [color=#0000ff>http://www.cult3d.com/download/cult.cab[/url]
O16]http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab[/color]

O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - [color=#0000ff>http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab[/url]
O16]http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab[/color]

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - [color=#0000ff>http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab[/url]
O16]http://webcamnow.com/broadcast/ActiveXWebCam.cab[/color]

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - [color=#0000ff>http://messenger.msn.com/download/msnmessengersetupdownloader.cab[/url]
O16]http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab[/color]

O16 - DPF: {BB95299D-B65B-47E0-8DDB-697A66298C3A} (UniVoiceX Control) - [color=#0000ff>http://webcamnow.com/voice/voice.cab[/url]
O16]http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab[/color]

O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - [color=#0000ff>http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab[/url]
O16]http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab[/color]

O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - [color=#0000ff>http://fdl.msn.com/zone/datafiles/heartbeat.cab[/url]
O16]http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab[/color]

O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: GBPoll - Roxio, Inc. - C:\Program Files\Roxio\GoBack\GBPoll.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: Virtual CD v5 Security service (VC5SecS) - H+H Software GmbH - C:\Program Files\HHVcdV5Sys\VC5SecS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
[/td][/tr][/table]
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Friday, January 20, 2017, 6:43 AM (GMT +1)
There are a total of 61,163 posts in 13,449 threads.
In the last 3 days there were 1 new threads and 5 reply posts.

Who's online

This forum has 37,989 registered members. Please welcome our newest member, Weiwei.
There are currently no users on-line.
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.