1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help My Hijack This Log!!!!!!!!

Discussion in 'Virus & Other Malware Removal' started by gteamboywonda, Apr 6, 2008.

Thread Status:
Not open for further replies.
  1. gteamboywonda

    gteamboywonda Thread Starter

    Joined:
    Apr 6, 2008
    Messages:
    1
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:56:37 PM, on 4/6/2008
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\csrss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\System32\alg.exe
    D:\WINDOWS\System32\atievxx.exe
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    D:\WINDOWS\System32\inetsrv\inetinfo.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\System32\wdfmgr.exe
    D:\WINDOWS\Explorer.EXE
    D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    D:\WINDOWS\System32\SNDVOL32.EXE
    D:\Program Files\AIM6\aim6.exe
    D:\Program Files\AIM6\aolsoftware.exe
    D:\Program Files\Maxthon2\Maxthon.exe
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    D:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://myspace.com/
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {0E45F7B1-0532-1DB8-2F23-6A2D8FF1F2FB} - (no file)
    O2 - BHO: On The Net Search Helper - {4E8F5D76-EF5B-46C8-B35B-C86F8BD6621A} - D:\WINDOWS\System32\memow.dll
    O2 - BHO: (no name) - {5B55A33B-2D18-4CCF-9090-0B9E1D74EDB4} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7F30CE45-67C2-2113-D68C-508EA5CEDCFF} - (no file)
    O2 - BHO: (no name) - {CD2344DD-C1A1-4CE5-B00E-169B8F8981E8} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKCU\..\Run: [comup] D:\WINDOWS\System32\mobjchku.exe
    O8 - Extra context menu item: &Search - ?p=ZCfox000
    O15 - Trusted Zone: *.amaena.com
    O15 - Trusted Zone: *.avsystemcare.com
    O15 - Trusted Zone: *.onerateld.com
    O15 - Trusted Zone: *.safetydownload.com
    O15 - Trusted Zone: *.trustedantivirus.com
    O15 - Trusted Zone: *.virusschlacht.com
    O15 - Trusted Zone: *.amaena.com (HKLM)
    O15 - Trusted Zone: *.avsystemcare.com (HKLM)
    O15 - Trusted Zone: *.onerateld.com (HKLM)
    O15 - Trusted Zone: *.safetydownload.com (HKLM)
    O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
    O15 - Trusted Zone: *.virusschlacht.com (HKLM)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
    O16 - DPF: {50BD5CDA-4BA8-4048-8FAA-763F222E41D8} - ms-its:mhtml:file://c:\\nores.mht!http://adxanet.net/code/chm/xpre.chm::/xpreload.ocx
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1195451550136
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D9C48CCB-8244-498A-B5BB-42DBF60613C4}: NameServer = 85.255.116.51,85.255.112.104
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.51 85.255.112.104
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.51 85.255.112.104
    O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Program Files\Ares\chatServer.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

    --
    End of file - 3962 bytes
     
    gteamboywonda, Apr 6, 2008
    #1
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Help Hijack
  1. bj nick

    New Laptop plagued by browser hijacker....help!

    bj nick, Nov 2, 2019, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    688
    bj nick
    Nov 2, 2019
  2. lubr

    In Progress i need help really bad..

    lubr, Jan 5, 2020, in forum: Virus & Other Malware Removal
    Replies:
    3
    Views:
    549
    iMacg3
    Jan 7, 2020
  3. lp2xxx

    In Progress StartupCheckLibrary.dll &winscomrssrv.dll Missing, help!

    lp2xxx, Jan 3, 2020, in forum: Virus & Other Malware Removal
    Replies:
    1
    Views:
    514
    iMacg3
    Jan 5, 2020
  4. BigPotato

    New Slow laptop need help

    BigPotato, Dec 14, 2019, in forum: Virus & Other Malware Removal
    Replies:
    4
    Views:
    630
    Cookiegal
    Dec 14, 2019
  5. ebaile7494

    New Help Please

    ebaile7494, Jun 4, 2019, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    860
    ebaile7494
    Jun 4, 2019
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/701100

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice