1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

HijackThis v1.97 log plz help

Discussion in 'Virus & Other Malware Removal' started by madskull, Sep 19, 2003.

Thread Status:
Not open for further replies.
  1. madskull

    madskull Thread Starter

    Joined:
    Sep 19, 2003
    Messages:
    1
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\htpatch.exe
    C:\WINDOWS\Dit.exe
    C:\Programmer\Medion Home CinemaXL\PowerCinema\PCMService.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
    C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_AICN03.EXE
    C:\programmer\steam\steam.exe
    C:\Programmer\Trillian\trillian.exe
    C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
    C:\Programmer\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\DitExp.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Programmer\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Mads\Skrivebord\HijackThis.exe
    C:\Programmer\Messenger\msmsgs.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali A/S - Microsoft Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
    O4 - HKCU\..\Run: [EPSON Stylus COLOR 580] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_AICN03.EXE /P22 "EPSON Stylus COLOR 580" /O6 "USB001" /M "Stylus COLOR 580"
    O4 - HKCU\..\Run: [Steam] "c:\programmer\steam\steam.exe" -silent
    O4 - Startup: Trillian.lnk = ?
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/0949b49c62ef8cc83c19/netzip/RdxIE601.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37672.2841898148
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab


    Is everything allright?
    My p2p networking.exe is running when i start windows. I think it is a bit suspicius - don't you - i really need help, cuz i don't understand any of this :D
     
  2. e-liam

    e-liam

    Joined:
    Jun 19, 2003
    Messages:
    1,242
    Hi madskull, and welcome to TSG.. :)

    Could you please run a new HJT! log, "click to fix" the following entries, close all browser windows, and click Fix

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks

    O4 - Startup: Trillian.lnk = ?

    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/0949b49c62ef8c...ip/RdxIE601.cab


    Then reboot.

    I can't see any reference to P2P in your log. If you go to Start | Run and type msconfig, and click the Startup tab this will give you a list of all programs started with windows. You can disable P2P from here, by unchecking it.

    Cheers

    Liam
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/165881

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice