Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

hijackthis log please help

Status
Not open for further replies.
AugieP

AugieP

Technical User
Dec 24, 2003
1
US
Having lots of browser problems wont let me do windows updates. Same type of problems on other threads.

hijack this log:

Logfile of HijackThis v1.97.7
Scan saved at 12:45:22 PM, on 12/24/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\PC-cillin 2000\Tmntsrv.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe
C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Media\Media\UpdateStats.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\uptodate.exe
C:\WINDOWS\System32\IEDriver\IEDriver.exe
C:\Program Files\SuperBar\sbhc.exe
C:\WINDOWS\System32\wjview.exe
C:\Program Files\Common files\updater\wupdater.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\PC-cillin 2000\PNTIOMON.exe
C:\Program Files\MSI\FuzzyLogic3\FuzzyLogic3.exe
C:\Program Files\Trend Micro\PC-cillin 2000\pccntupd.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\WINDOWS\System32\HisQg.exe
C:\WINDOWS\System32\Fcf0KIcq.exe
C:\Program Files\EbatesMoeMoneyMaker\EbatesMoeMoneyMaker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\System32\MsiExec.exe
C:\WINDOWS\System32\MsiExec.exe
C:\Documents and Settings\Administrator 1\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\System32\sb.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\bi.dll
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {136A9D1D-1F4B-43D4-8359-6F2382449255} - C:\Program Files\SuperBar\SuperBar.Dll
O2 - BHO: (no name) - {2CF0B992-5EEB-4143-99C0-5297EF71F443} - C:\WINDOWS\System32\stlbdist.DLL
O2 - BHO: (no name) - {5141DEEA-5945-4ECD-A013-F64A8A7F0317} - C:\WINDOWS\System32\mqqhm.dll
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Search - {2CF0B992-5EEB-4143-99C0-5297EF71F444} - C:\WINDOWS\System32\stlbdist.DLL
O3 - Toolbar: My &Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O3 - Toolbar: SuperBar - {28CC5586-2CFA-4D1F-8C18-8757A9E6AEAF} - C:\Program Files\SuperBar\SuperBar.Dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe"
O4 - HKLM\..\Run: [WebTrapNT.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe"
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [UpdateStats] C:\Program Files\Media\Media\UpdateStats.exe
O4 - HKLM\..\Run: [{2CF0B992-5EEB-4143-99C0-5297EF71F444}] rundll32.exe C:\WINDOWS\System32\stlbdist.DLL,DllRunMain
O4 - HKLM\..\Run: [RunWindowsUpdate] C:\WINDOWS\uptodate.exe
O4 - HKLM\..\Run: [IEDriver] C:\WINDOWS\System32\IEDriver\IEDriver.exe
O4 - HKLM\..\Run: [3BC9YN95G6#AXR] C:\WINDOWS\System32\Dcz65.exe
O4 - HKLM\..\Run: [SBHC] C:\Program Files\SuperBar\sbhc.exe
O4 - HKLM\..\Run: [msbb] C:\Program Files\n-CASE\msbb.exe
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] wjview /cp:p "C:\Program Files\EbatesMoeMoneyMaker\System\Code" Main lp: "C:\Program Files\EbatesMoeMoneyMaker"
O4 - HKLM\..\Run: [Belt] C:\WINDOWS\Belt.exe
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [System Service] C:\WINDOWS\System32\msrexe.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Real-time Monitor.lnk = ?
O4 - Global Startup: FuzzyLogic III.lnk = C:\Program Files\MSI\FuzzyLogic3\FuzzyLogic3.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Ebates - file://C:\Program Files\EbatesMoeMoneyMaker\System\Temp\ebates_script0.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Extra button: Ebates (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - O16 - DPF: {2048B51E-8D74-4762-82CE-B48CF545EEEA} (CAX Object) - O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - O17 - HKLM\System\CCS\Services\Tcpip\..\{B6FD8035-B04E-4E4F-93F7-E8EEC05F9346}: NameServer = 209.244.0.3 209.244.0.4

Thanks in advance for any help.
 
Sort by date Sort by votes
1. right-click My Computer, Properties, System Restore, and check to disable system restore on all drives.

2. Donwload, update within the program, exit and restart and then run the scanner within:

cwshredder
SpyBot 1.2
AdAware


3. Reboot and post a Hijack This! log again.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

sthorne1271
  • Locked
  • Question
ActiveX Install Issue - Need help Please !!
Replies
2
Views
87
sthorne1271
sthorne1271
alexvidakovic
  • Locked
  • Question
help me to get rid of the ask search toolbar
Replies
1
Views
83
JustinEzequiel
JustinEzequiel
goombawaho
  • Locked
  • Question
Comcast login - auto filled account is not mine
Replies
9
Views
120
goombawaho
goombawaho
samurrai
  • Locked
  • Question
IE Auto Login Script for Password Protected Site
Replies
0
Views
55
samurrai
samurrai
goombawaho
  • Locked
  • Question
Microsoft badmouthing Firefox after logging out of Hotmail
Replies
3
Views
72
geeknerd
geeknerd

Part and Inventory Search

Sponsor

Back
Top