Anything to worry about here?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

darkdelta

Thread Starter
Joined
Oct 5, 2003
Messages
19
My computer is ok (I think) It's IE 6 )SP1 and latest updates installed), is acting a little quirky. I sometimes have to refresh a page before it contines to load. It is a small glitch.

Win 2K with all updates installed. I run behind a router and a firewall (ATGuard) old, but I like it for its features.

Thanks



Logfile of HijackThis v1.97.2
Scan saved at 05:19:53, on 10/12/2003
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINNT\System32\smss.exe
D:\WINNT\system32\winlogon.exe
D:\WINNT\system32\services.exe
D:\WINNT\system32\lsass.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\system32\spoolsv.exe
D:\WINNT\System32\drivers\CDAC11BA.EXE
E:\Program Files\NavNT\defwatch.exe
D:\WINNT\System32\svchost.exe
e:\Program Files\Atguard\iamserv.exe
E:\Program Files\NavNT\rtvscan.exe
D:\WINNT\system32\regsvc.exe
D:\WINNT\system32\MSTask.exe
D:\WINNT\System32\WBEM\WinMgmt.exe
D:\WINNT\System32\mspmspsv.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\system32\MsgSys.EXE
D:\WINNT\Explorer.EXE
E:\Program Files\Phone Plus\Phone.exe
E:\Program Files\Phone Plus\Phone.exe
E:\Program Files\Microsoft Hardware\Mouse\point32.exe
E:\PROGRA~1\MICROS~1\GAMECO~1\Common\SWTrayV4.exe
D:\WINNT\System32\qttask.exe
E:\Program Files\Ahead\incd\InCD.exe
D:\WINNT\system32\spool\drivers\w32x86\3\hpztsb02.exe
D:\WINNT\Registry.exe
E:\PROGRA~1\Atguard\iamapp.exe
E:\Program Files\NavNT\vptray.exe
E:\Program Files\Meaya\Popup Ad Filter\PopFilter.exe
E:\QUICKENW\QWDLLS.EXE
E:\Program Files\WinBatch\System\popmenu.exe
E:\Program Files\SpywareGuard\sgmain.exe
E:\Program Files\SpywareGuard\sgbhp.exe
e:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
D:\Program Files\Internet Explorer\iexplore.exe
E:\AAINSTALL\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///L:/grafix/webcal/html/wc072003.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - e:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - D:\WINNT\System32\nzdd.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Phone Plus] e:\Program Files\Phone Plus\Phone.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [SideWinderTrayV4] E:\PROGRA~1\MICROS~1\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [QuickTime Task] D:\WINNT\System32\qttask.exe
O4 - HKLM\..\Run: [InCD] E:\Program Files\Ahead\incd\InCD.exe
O4 - HKLM\..\Run: [NeroCheck] D:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINNT\system32\spool\drivers\w32x86\3\hpztsb02.exe
O4 - HKLM\..\Run: [Registry services] D:\WINNT\Registry.exe
O4 - HKLM\..\Run: [iamapp] e:\PROGRA~1\Atguard\iamapp.exe
O4 - HKLM\..\Run: [vptray] E:\Program Files\NavNT\vptray.exe
O4 - HKCU\..\Run: [Popup Ad Filter] e:\Program Files\Meaya\Popup Ad Filter\PopFilter.exe
O4 - HKCU\..\RunOnce: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - Startup: SpywareGuard.lnk = E:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Quicken Startup.lnk = E:\QUICKENW\QWDLLS.EXE
O4 - Global Startup: PopMenu exe.lnk = E:\Program Files\WinBatch\System\popmenu.exe
O8 - Extra context menu item: Allow Popups - e:\Program Files\Meaya\Popup Ad Filter\WhiteGetUrl.js
O8 - Extra context menu item: Power Search - res://D:\PROGRA~1\COMMON~1\MSIETS\msielink.dll//iemenu
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0FC6BF2B-E16A-11CF-AB2E-0080AD08A326} - http://activex.liveupdate.com/controls/cres.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/0fb5e03023def1/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37881.1547916667
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58D71D26-37FB-4CAA-B85F-BC9A2445FC3D}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{58D71D26-37FB-4CAA-B85F-BC9A2445FC3D}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{58D71D26-37FB-4CAA-B85F-BC9A2445FC3D}: NameServer = 192.168.0.1
 

darkdelta

Thread Starter
Joined
Oct 5, 2003
Messages
19
Hello and thanks a lot! Funny Norton wouldn't find the executable, but nothing is perfect. I used regedit and took care of the registry entry. Again thanks
 

dvk01

Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
First Name
Derek

darkdelta

Thread Starter
Joined
Oct 5, 2003
Messages
19
I used trendmicro's scanner and came back with a clean bill of health. By the way Widows Explorer reports registry.exe file size as 42 kb. I still have the executable file. Thanks again
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top